From: Peter Krempa
To: libvir-list@redhat.com
Date: Fri, 20 Oct 2017 15:47:26 +0200
Subject: [libvirt] [PATCH 01/12] storage: Extract common code to retrieve driver backend for support check

The 'file access' module of the storage driver has few feature checks to determine whether libvirt supports given storage driver method. The code to retrieve the driver struct needed for the check is the same so it can be extracted.

Reviewed-by: John Ferlan
--- src/storage/storage_source.c | 43 +++++++++++++++++++---------------------= --- 1 file changed, 19 insertions(+), 24 deletions(-) diff --git a/src/storage/storage_source.c b/src/storage/storage_source.c index 419fa3d43..e3c5c3285 100644 --- a/src/storage/storage_source.c +++ b/src/storage/storage_source.c
@@ -44,24 +44,30 @@ virStorageFileIsInitialized(const virStorageSource *src) } -static bool -virStorageFileSupportsBackingChainTraversal(virStorageSourcePtr src) +static virStorageFileBackendPtr +virStorageFileGetBackendForSupportCheck(const virStorageSource *src) { int actualType; - virStorageFileBackendPtr backend; if (!src) - return false; + return NULL; + + if (src->drv) + return src->drv->backend; + actualType =3D virStorageSourceGetActualType(src); - if (src->drv) { - backend =3D src->drv->backend; - } else { - if (!(backend =3D virStorageFileBackendForTypeInternal(actualType, - src->protocol, - false))) - return false; - } + return virStorageFileBackendForTypeInternal(actualType, src->protocol,= false); +} + + +static bool +virStorageFileSupportsBackingChainTraversal(virStorageSourcePtr src) +{ + virStorageFileBackendPtr backend; + + if (!(backend =3D virStorageFileGetBackendForSupportCheck(src))) + return false; return backend->storageFileGetUniqueIdentifier && backend->storageFileRead && 
@@ -80,21 +86,10 @@ virStorageFileSupportsBackingChainTraversal(virStorageS= ourcePtr src) bool virStorageFileSupportsSecurityDriver(const virStorageSource *src) { - int actualType; virStorageFileBackendPtr backend; - if (!src) + if (!(backend =3D virStorageFileGetBackendForSupportCheck(src))) return false; - actualType =3D virStorageSourceGetActualType(src); - - if (src->drv) { - backend =3D src->drv->backend; - } else { - if (!(backend =3D virStorageFileBackendForTypeInternal(actualType, - src->protocol, - false))) - return false; - } return !!backend->storageFileChown; } --=20 2.14.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
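Review bot: the new static helper virStorageFileGetBackendForSupportCheck has no comment stating its return contract, and it returns NULL for two different reasons: a NULL @src, and a source for which virStorageFileBackendForTypeInternal finds no backend. Both converted callers map NULL to "feature not supported", so a short doc comment above the helper saying that NULL means "no usable backend, treat as unsupported" would keep later support checks from adding their own error handling around it.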
From: Peter Krempa
To: libvir-list@redhat.com
Date: Fri, 20 Oct 2017 15:47:27 +0200
Subject: [libvirt] [PATCH 02/12] storage: Add feature check for storage file backend supporting access check

When the user provides backing chain, we don't need the full support for traversing the backing chain. This patch adds a feature check for the virStorageSourceAccess API.

Reviewed-by: John Ferlan
--- src/storage/storage_source.c | 20 ++++++++++++++++++++ src/storage/storage_source.h | 1 + 2 files changed, 21 insertions(+) diff --git a/src/storage/storage_source.c b/src/storage/storage_source.c index e3c5c3285..cced5308c 100644 --- a/src/storage/storage_source.c +++ b/src/storage/storage_source.c
@@ -95,6 +95,26 @@ virStorageFileSupportsSecurityDriver(const virStorageSou= rce *src) } +/** + * virStorageFileSupportsAccess: + * + * @src: a storage file structure + * + * Check if a storage file supports checking if the storage source is acce= ssible + * for the given vm. + */ +bool +virStorageFileSupportsAccess(const virStorageSource *src) +{ + virStorageFileBackendPtr backend; + + if (!(backend =3D virStorageFileGetBackendForSupportCheck(src))) + return false; + + return !!backend->storageFileAccess; +} + + void virStorageFileDeinit(virStorageSourcePtr src) { diff --git a/src/storage/storage_source.h b/src/storage/storage_source.h index 6462baf6a..320ea3cab 100644 --- a/src/storage/storage_source.h +++ b/src/storage/storage_source.h 
@@ -41,6 +41,7 @@ int virStorageFileAccess(virStorageSourcePtr src, int mod= e); int virStorageFileChown(const virStorageSource *src, uid_t uid, gid_t gid); bool virStorageFileSupportsSecurityDriver(const virStorageSource *src); +bool virStorageFileSupportsAccess(const virStorageSource *src); int virStorageFileGetMetadata(virStorageSourcePtr src, uid_t uid, gid_t gid, --=20 2.14.1
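Review bot: the doc comment added above virStorageFileSupportsAccess says the check is "for the given vm", but the function takes only @src and consults nothing VM-specific; it only tests whether the backend provides the storageFileAccess callback. Reword the description to say that, and add a Returns line (true when the backend implements the callback, false when there is no backend or no callback) so callers know that false does not distinguish the two cases.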
From: Peter Krempa
To: libvir-list@redhat.com
Date: Fri, 20 Oct 2017 15:47:28 +0200
Subject: [libvirt] [PATCH 03/12] storage: Extract error reporting for broken chains

Simplify reporting the error if backing chain is broken for further callers by extracting it into a separate function.

Reviewed-by: John Ferlan
--- src/storage/storage_source.c | 47 +++++++++++++++++++++++++++++++---------= ---- src/storage/storage_source.h | 4 ++++ 2 files changed, 37 insertions(+), 14 deletions(-)
diff --git a/src/storage/storage_source.c b/src/storage/storage_source.c index cced5308c..4586ef4ad 100644 --- a/src/storage/storage_source.c +++ b/src/storage/storage_source.c @@ -404,6 +404,38 @@ virStorageFileChown(const virStorageSource *src, } +/** + * virStorageFileReportBrokenChain: + * + * @errcode: errno when accessing @src + * @src: inaccessible file in the backing chain of @parent + * @parent: root virStorageSource being checked + * + * Reports the correct error message if @src is missing in the backing cha= in + * for @parent. + */ +void +virStorageFileReportBrokenChain(int errcode, + virStorageSourcePtr src, + virStorageSourcePtr parent) +{ + unsigned int access_user =3D src->drv->uid; + unsigned int access_group =3D src->drv->gid; + + if (src =3D=3D parent) { + virReportSystemError(errcode, + _("Cannot access storage file '%s' " + "(as uid:%u, gid:%u)"), + src->path, access_user, access_group); + } else { + virReportSystemError(errcode, + _("Cannot access backing file '%s' " + "of storage file '%s' (as uid:%u, gid:%u)"), + src->path, parent->path, access_user, access_= group); + } +} + + /* Recursive workhorse for virStorageFileGetMetadata. */ static int virStorageFileGetMetadataRecurse(virStorageSourcePtr src, @@ -433,20 +465,7 @@ virStorageFileGetMetadataRecurse(virStorageSourcePtr s= rc, return -1; if (virStorageFileAccess(src, F_OK) < 0) { - if (src =3D=3D parent) { - virReportSystemError(errno, - _("Cannot access storage file '%s' " - "(as uid:%u, gid:%u)"), - src->path, (unsigned int)uid, - (unsigned int)gid); - } else { - virReportSystemError(errno, - _("Cannot access backing file '%s' " - "of storage file '%s' (as uid:%u, gid:%= u)"), - src->path, parent->path, - (unsigned int)uid, (unsigned int)gid); - } - + virStorageFileReportBrokenChain(errno, src, parent); goto cleanup; } diff --git a/src/storage/storage_source.h b/src/storage/storage_source.h index 320ea3cab..0640c138e 100644 --- a/src/storage/storage_source.h 
+++ b/src/storage/storage_source.h 
@@ -52,4 +52,8 @@ int virStorageFileGetMetadata(virStorageSourcePtr src, char *virStorageFileGetBackingStoreStr(virStorageSourcePtr src) ATTRIBUTE_NONNULL(1); +void virStorageFileReportBrokenChain(int errcode, + virStorageSourcePtr src, + virStorageSourcePtr parent); + #endif /* __VIR_STORAGE_SOURCE_H__ */ --=20 2.14.1
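Review bot: virStorageFileReportBrokenChain dereferences src->drv in its first two statements (src->drv->uid, src->drv->gid) without checking it, while patch 01 of this series treats src->drv as possibly NULL. The inline code it replaces printed the caller's own uid and gid values and had no dependency on the source being initialized. Since the function is now exported through storage_source.h for further callers, either guard the dereference with virStorageFileIsInitialized(src) and fall back to a message without the ids, or state in the doc comment that @src must be initialized. The new prototype could also carry ATTRIBUTE_NONNULL for @src and @parent, as the declaration just above it does for its argument.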
From: Peter Krempa
To: libvir-list@redhat.com
Date: Fri, 20 Oct 2017 15:47:29 +0200
Subject: [libvirt] [PATCH 04/12] security: selinux: Pass parent storage source into image labeling helper

virSecuritySELinuxSetImageLabelInternal assigns different labels to backing chain members than to the parent image. This was done via the 'first' flag. Convert it to passing in pointer to the parent virStorageSource. This will allow us to use the parent virStorageSource in further changes.

Reviewed-by: John Ferlan
--- src/security/security_selinux.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index cd3e41193..66b3bbf1c 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1592,7 +1592,7 @@ static int virSecuritySELinuxSetImageLabelInternal(virSecurityManagerPtr mgr, virDomainDefPtr def, virStorageSourcePtr src, - bool first) + virStorageSourcePtr parent) { virSecuritySELinuxDataPtr data =3D virSecurityManagerGetPrivateData(mg= r); virSecurityLabelDefPtr secdef; @@ -1614,7 +1614,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityMa= nagerPtr mgr, if (disk_seclabel && disk_seclabel->relabel && disk_seclabel->label) { ret =3D virSecuritySELinuxSetFilecon(mgr, src->path, disk_seclabel= ->label); - } else if (first) { + } else if (!parent || parent =3D=3D src) { if (src->shared) { ret =3D virSecuritySELinuxSetFileconOptional(mgr, src->path, @@ -1660,7 +1660,7 @@ virSecuritySELinuxSetImageLabel(virSecurityManagerPtr= mgr, virDomainDefPtr def, virStorageSourcePtr src) { - return virSecuritySELinuxSetImageLabelInternal(mgr, def, src, true); + return virSecuritySELinuxSetImageLabelInternal(mgr, def, src, NULL); } 
@@ -1670,14 +1670,11 @@ virSecuritySELinuxSetDiskLabel(virSecurityManagerPt= r mgr, virDomainDiskDefPtr disk) { - bool first =3D true; virStorageSourcePtr next; for (next =3D disk->src; virStorageSourceIsBacking(next); next =3D nex= t->backingStore) { - if (virSecuritySELinuxSetImageLabelInternal(mgr, def, next, first)= < 0) + if (virSecuritySELinuxSetImageLabelInternal(mgr, def, next, disk->= src) < 0) return -1; - - first =3D false; } return 0; --=20 2.14.1
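Review bot: the test that replaces the first flag in virSecuritySELinuxSetImageLabelInternal, !parent || parent == src, gives a NULL @parent the meaning "treat @src as the top image", and nothing in the patch documents that convention. virSecuritySELinuxSetImageLabel depends on it by passing NULL, so every image labeled through that entry point takes the top-of-chain branch regardless of its position in a chain. Add a comment above the helper describing @parent: NULL or equal to @src selects the top-level label, any other value marks @src as a backing chain member.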
From: Peter Krempa
To: libvir-list@redhat.com
Date: Fri, 20 Oct 2017 15:47:30 +0200
Subject: [libvirt] [PATCH 05/12] security: dac: Take parent security label into account

Until now we ignored user-provided backing chains and while detecting the code inherited labels of the parent device. With user provided chains we should keep this functionality, so label of the parent image in the backing chain will be applied if an image-specific label is not present.

Reviewed-by: John Ferlan
--- src/security/security_dac.c | 38 +++++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 244b300a9..54120890f 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c
@@ -688,12 +688,14 @@ virSecurityDACRestoreFileLabel(virSecurityDACDataPtr = priv, static int -virSecurityDACSetImageLabel(virSecurityManagerPtr mgr, - virDomainDefPtr def, - virStorageSourcePtr src) +virSecurityDACSetImageLabelInternal(virSecurityManagerPtr mgr, + virDomainDefPtr def, + virStorageSourcePtr src, + virStorageSourcePtr parent) { virSecurityLabelDefPtr secdef; virSecurityDeviceLabelDefPtr disk_seclabel; + virSecurityDeviceLabelDefPtr parent_seclabel =3D NULL; virSecurityDACDataPtr priv =3D virSecurityManagerGetPrivateData(mgr); uid_t user; gid_t group; @@ -705,14 +707,24 @@ virSecurityDACSetImageLabel(virSecurityManagerPtr mgr, if (secdef && !secdef->relabel) return 0; - disk_seclabel =3D virStorageSourceGetSecurityLabelDef(src, - SECURITY_DAC_NAME); - if (disk_seclabel && !disk_seclabel->relabel) - return 0; + disk_seclabel =3D virStorageSourceGetSecurityLabelDef(src, SECURITY_DA= C_NAME); + if (parent) + parent_seclabel =3D virStorageSourceGetSecurityLabelDef(parent, + SECURITY_DAC= _NAME); + + if (disk_seclabel && (!disk_seclabel->relabel || disk_seclabel->label)= ) { + if (!disk_seclabel->relabel) + return 0; - if (disk_seclabel && disk_seclabel->label) { if (virParseOwnershipIds(disk_seclabel->label, &user, &group) < 0) return -1; + } else if (parent_seclabel && + (!parent_seclabel->relabel || parent_seclabel->label)) { + if (!parent_seclabel->relabel) + return 0; + + if (virParseOwnershipIds(parent_seclabel->label, &user, &group) < = 0) + return -1; } else { if (virSecurityDACGetImageIds(secdef, priv, &user, &group)) return -1; @@ -722,6 +734,14 @@ virSecurityDACSetImageLabel(virSecurityManagerPtr mgr, } +static int +virSecurityDACSetImageLabel(virSecurityManagerPtr mgr, + virDomainDefPtr def, + virStorageSourcePtr src) +{ + return virSecurityDACSetImageLabelInternal(mgr, def, src, NULL); +} + static int virSecurityDACSetDiskLabel(virSecurityManagerPtr mgr, virDomainDefPtr def, 
@@ -731,7 +751,7 @@ virSecurityDACSetDiskLabel(virSecurityManagerPtr mgr, virStorageSourcePtr next; for (next =3D disk->src; virStorageSourceIsBacking(next); next =3D nex= t->backingStore) { - if (virSecurityDACSetImageLabel(mgr, def, next) < 0) + if (virSecurityDACSetImageLabelInternal(mgr, def, next, disk->src)= < 0) return -1; } --=20 2.14.1
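Review bot: in virSecurityDACSetImageLabelInternal an image whose own seclabel has relabel set but no label does not match the first condition and falls through to the new parent_seclabel branch, where a parent with relabel disabled makes the function return 0; the image's own relabel request is then ignored and virSecurityDACGetImageIds is never reached. If the intended precedence is "image label, then parent label, then domain default", say so in a comment above the chain and decide explicitly what an image-level relabel without a label means under a non-relabeled parent. The pattern (!relabel || label) followed immediately by if (!relabel) return 0 would also read more clearly as two separate tests. In virSecurityDACSetDiskLabel the first loop iteration passes disk->src as both @src and @parent, so the parent lookup is redundant there, which is harmless.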
From: Peter Krempa
To: libvir-list@redhat.com
Date: Fri, 20 Oct 2017 15:47:31 +0200
Subject: [libvirt] [PATCH 06/12] security: selinux: Take parent security label into account

Until now we ignored user-provided backing chains and while detecting the code inherited labels of the parent device. With user provided chains we should keep this functionality, so label of the parent image in the backing chain will be applied if an image-specific label is not present.

Reviewed-by: John Ferlan
--- src/security/security_selinux.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 66b3bbf1c..ed1828a12 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1597,6 +1597,7 @@ virSecuritySELinuxSetImageLabelInternal(virSecurityMa= nagerPtr mgr, virSecuritySELinuxDataPtr data =3D virSecurityManagerGetPrivateData(mg= r); virSecurityLabelDefPtr secdef; virSecurityDeviceLabelDefPtr disk_seclabel; + virSecurityDeviceLabelDefPtr parent_seclabel =3D NULL; int ret; if (!src->path || !virStorageSourceIsLocalStorage(src)) 
@@ -1608,12 +1609,20 @@ virSecuritySELinuxSetImageLabelInternal(virSecurity= ManagerPtr mgr, disk_seclabel =3D virStorageSourceGetSecurityLabelDef(src, SECURITY_SELINUX_N= AME); + if (parent) + parent_seclabel =3D virStorageSourceGetSecurityLabelDef(parent, + SECURITY_SEL= INUX_NAME); - if (disk_seclabel && !disk_seclabel->relabel) - return 0; + if (disk_seclabel && (!disk_seclabel->relabel || disk_seclabel->label)= ) { + if (!disk_seclabel->relabel) + return 0; - if (disk_seclabel && disk_seclabel->relabel && disk_seclabel->label) { ret =3D virSecuritySELinuxSetFilecon(mgr, src->path, disk_seclabel= ->label); + } else if (parent_seclabel && (!parent_seclabel->relabel || parent_sec= label->label)) { + if (!parent_seclabel->relabel) + return 0; + + ret =3D virSecuritySELinuxSetFilecon(mgr, src->path, parent_seclab= el->label); } else if (!parent || parent =3D=3D src) { if (src->shared) { ret =3D virSecuritySELinuxSetFileconOptional(mgr, --=20 2.14.1
From: Peter Krempa To: libvir-list@redhat.com Date: Fri, 20 Oct 2017 15:47:32 +0200 Message-Id: <24edeed8bcc9af56c9155a8823088204e9947681.1508507145.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 07/12] qemu: domain: Simplify using DAC permissions of top of backing chain X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Fri, 20 Oct 2017 13:49:34 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" qemuDomainGetImageIds and qemuDomainStorageFileInit are helpful when trying to access a virStorageSource from the qemu driver since they figure out the correct uid and gid for the image. When accessing members of a backing chain the permissions for the top level would be used. To allow using specific permissions per backing chain level but still allow inheritance from the parent of the chain we need to add a new parameter to the image ID APIs. Reviewed-by: John Ferlan --- src/qemu/qemu_domain.c | 13 ++++++++++--- src/qemu/qemu_domain.h | 3 ++- src/qemu/qemu_driver.c | 6 +++--- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 00610edf1..24ed61bc2 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -5926,6 +5926,7 @@ static void qemuDomainGetImageIds(virQEMUDriverConfigPtr cfg, virDomainObjPtr vm, virStorageSourcePtr src, + virStorageSourcePtr parentSrc, uid_t *uid, gid_t *gid) { virSecurityLabelDefPtr vmlabel; @@ -5948,6 +5949,11 @@ qemuDomainGetImageIds(virQEMUDriverConfigPtr cfg, vmlabel->label) virParseOwnershipIds(vmlabel->label, uid, gid); + if (parentSrc && + (disklabel =3D virStorageSourceGetSecurityLabelDef(parentSrc, "dac= ")) && + disklabel->label) + virParseOwnershipIds(disklabel->label, uid, gid); + if ((disklabel =3D virStorageSourceGetSecurityLabelDef(src, "dac")) && disklabel->label) virParseOwnershipIds(disklabel->label, uid, gid); @@ -5957,14 +5963,15 @@ qemuDomainGetImageIds(virQEMUDriverConfigPtr cfg, int qemuDomainStorageFileInit(virQEMUDriverPtr driver, virDomainObjPtr vm, - virStorageSourcePtr src) + virStorageSourcePtr src, + virStorageSourcePtr parent) { virQEMUDriverConfigPtr cfg =3D virQEMUDriverGetConfig(driver); uid_t uid; gid_t gid; int ret =3D -1; - qemuDomainGetImageIds(cfg, vm, src, &uid, &gid); + qemuDomainGetImageIds(cfg, vm, src, parent, &uid, &gid); if (virStorageFileInitAs(src, uid, gid) < 0) goto cleanup; @@ -6014,7 +6021,7 @@ qemuDomainDetermineDiskChain(virQEMUDriverPtr driver, goto cleanup; } - qemuDomainGetImageIds(cfg, vm, disk->src, &uid, &gid); + qemuDomainGetImageIds(cfg, vm, disk->src, NULL, &uid, &gid); if (virStorageFileGetMetadata(disk->src, uid, gid, diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 39cb68b3c..a8ad59d20 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -674,7 +674,8 @@ bool qemuDomainDiskChangeSupported(virDomainDiskDefPtr = disk, int qemuDomainStorageFileInit(virQEMUDriverPtr driver, virDomainObjPtr vm, - virStorageSourcePtr src); + virStorageSourcePtr src, + virStorageSourcePtr parent); char *qemuDomainStorageAlias(const char *device, int depth); void qemuDomainDiskChainElementRevoke(virQEMUDriverPtr driver, 
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index d56992fbb..23692fedb 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -11495,7 +11495,7 @@ qemuDomainBlockPeek(virDomainPtr dom, goto cleanup; } - if (qemuDomainStorageFileInit(driver, vm, disk->src) < 0) + if (qemuDomainStorageFileInit(driver, vm, disk->src, NULL) < 0) goto cleanup; if ((nread =3D virStorageFileRead(disk->src, offset, size, &tmpbuf)) <= 0) @@ -14418,7 +14418,7 @@ qemuDomainSnapshotDiskDataCollect(virQEMUDriverPtr = driver, if (virStorageSourceInitChainElement(dd->src, dd->disk->src, false= ) < 0) goto error; - if (qemuDomainStorageFileInit(driver, vm, dd->src) < 0) + if (qemuDomainStorageFileInit(driver, vm, dd->src, NULL) < 0) goto error; dd->initialized =3D true; 
@@ -17093,7 +17093,7 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm, goto endjob; } - if (qemuDomainStorageFileInit(driver, vm, mirror) < 0) + if (qemuDomainStorageFileInit(driver, vm, mirror, NULL) < 0) goto endjob; if (qemuDomainBlockCopyValidateMirror(mirror, disk->dst, &reuse) < 0) --=20 2.14.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Apr 28 01:02:58 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1508510302485879.322586096362; Fri, 20 Oct 2017 07:38:22 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 62BCC5C8; Fri, 20 Oct 2017 13:49:36 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 42E5E4D756; Fri, 20 Oct 2017 13:49:36 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0D65C3FAED; Fri, 20 Oct 2017 13:49:36 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v9KDmAG5020350 for ; Fri, 20 Oct 2017 09:48:10 -0400 Received: by smtp.corp.redhat.com (Postfix) id 6E8925EDE1; Fri, 20 Oct 
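Review bot: In the qemuDomainGetImageIds hunks, the new parentSrc argument and the resulting precedence are undocumented: the parentSrc 'dac' label is parsed after the VM label and before the 'dac' label of src, each call overwriting uid and gid. Please add a function comment stating that parentSrc may be NULL and that the image's own label wins over the parent's. The same argument is named parentSrc here and parent in qemuDomainStorageFileInit; one name would be easier to follow.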
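Review bot: In the qemuDomainSnapshotDiskDataCollect hunk of qemu_driver.c, dd->src is set up one line earlier by virStorageSourceInitChainElement(dd->src, dd->disk->src, false) and is then passed to qemuDomainStorageFileInit with a NULL parent, so the inheritance added to qemuDomainGetImageIds is never used for it. If dd->src is expected to carry its own 'dac' label at this point, a short comment saying so would help; otherwise pass dd->disk->src as the parent.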
2017 13:48:10 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 40A0E5D761; Fri, 20 Oct 2017 13:48:06 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 62BCC5C8 Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=libvir-list-bounces@redhat.com From: Peter Krempa To: libvir-list@redhat.com Date: Fri, 20 Oct 2017 15:47:33 +0200 Message-Id: <593a3c3d8eee018e3172af5d7bbc42f68fd0df6d.1508507145.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 08/12] qemu: domain: Extract setup for disk source secrets X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Fri, 20 Oct 2017 13:49:36 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Separate it so that it deals only with single virStorageSource, so that it can later be reused for full backing chain support. Two aliases are passed since authentication is more relevant to the 'storage backend' whereas encryption is more relevant to the protocol layer. When using node names, the aliases will be different. Reviewed-by: John Ferlan --- src/qemu/qemu_domain.c | 49 +++++++++++++++++++++++++++++++---------------= --- 1 file changed, 31 insertions(+), 18 deletions(-) 
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 24ed61bc2..4a2ba1761 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1368,27 +1368,19 @@ qemuDomainDiskHasEncryptionSecret(virStorageSourceP= tr src) } -/* qemuDomainSecretDiskPrepare: - * @conn: Pointer to connection - * @priv: pointer to domain private object - * @disk: Pointer to a disk definition - * - * For the right disk, generate the qemuDomainSecretInfo structure. - * - * Returns 0 on success, -1 on failure - */ -int -qemuDomainSecretDiskPrepare(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, - virDomainDiskDefPtr disk) +static int +qemuDomainSecretStorageSourcePrepare(virConnectPtr conn, + qemuDomainObjPrivatePtr priv, + virStorageSourcePtr src, + const char *authalias, + const char *encalias) { - virStorageSourcePtr src =3D disk->src; qemuDomainStorageSourcePrivatePtr srcPriv; - if (!(disk->src->privateData =3D qemuDomainStorageSourcePrivateNew())) + if (!(src->privateData =3D qemuDomainStorageSourcePrivateNew())) return -1; - srcPriv =3D QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src); + srcPriv =3D QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src); if (qemuDomainSecretDiskCapable(src)) { virSecretUsageType usageType =3D VIR_SECRET_USAGE_TYPE_ISCSI; @@ -1397,7 +1389,7 @@ qemuDomainSecretDiskPrepare(virConnectPtr conn, usageType =3D VIR_SECRET_USAGE_TYPE_CEPH; if (!(srcPriv->secinfo =3D - qemuDomainSecretInfoNew(conn, priv, disk->info.alias, + qemuDomainSecretInfoNew(conn, priv, authalias, usageType, src->auth->username, &src->auth->seclookupdef, false))) return -1; @@ -1405,7 +1397,7 @@ qemuDomainSecretDiskPrepare(virConnectPtr conn, if (qemuDomainDiskHasEncryptionSecret(src)) { if (!(srcPriv->encinfo =3D - qemuDomainSecretInfoNew(conn, priv, disk->info.alias, + qemuDomainSecretInfoNew(conn, priv, encalias, VIR_SECRET_USAGE_TYPE_VOLUME, NULL, &src->encryption->secrets[0]->secloo= kupdef, true))) 
@@ -1416,6 +1408,27 @@ qemuDomainSecretDiskPrepare(virConnectPtr conn, } +/* qemuDomainSecretDiskPrepare: + * @conn: Pointer to connection + * @priv: pointer to domain private object + * @disk: Pointer to a disk definition + * + * For the right disk, generate the qemuDomainSecretInfo structure. + * + * Returns 0 on success, -1 on failure + */ + +int +qemuDomainSecretDiskPrepare(virConnectPtr conn, + qemuDomainObjPrivatePtr priv, + virDomainDiskDefPtr disk) +{ + return qemuDomainSecretStorageSourcePrepare(conn, priv, disk->src, + disk->info.alias, + disk->info.alias); +} + + /* qemuDomainSecretHostdevDestroy: * @disk: Pointer to a hostdev definition * --=20 2.14.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Apr 28 01:02:58 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1508510602849976.7234139325404; Fri, 20 Oct 2017 07:43:22 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 05ECEBDC1; Fri, 20 Oct 2017 13:48:15 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D0C745D75E; Fri, 20 Oct 2017 13:48:14 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by 
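Review bot: qemuDomainSecretStorageSourcePrepare is added in the first hunk without a function comment, and the reason for taking two aliases is given only in the commit message. Please document @authalias and @encalias on the new function (authentication secret versus encryption secret), since the only caller in this patch passes disk->info.alias for both and gives the reader no hint of how they differ. Nit: the re-added comment for qemuDomainSecretDiskPrepare is followed by an empty line before 'int'.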
From: Peter Krempa To: libvir-list@redhat.com Date: Fri, 20 Oct 2017 15:47:34 +0200 Message-Id: <0ec98f1e7618fba45a6efe31a87217a5d199d3f5.1508507145.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 09/12] qemu: domain: Destroy secrets for complete backing chain X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Fri, 20 Oct 2017 13:48:15 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Reviewed-by: John Ferlan --- src/qemu/qemu_domain.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 4a2ba1761..c689911c4 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1324,6 +1324,19 @@ qemuDomainSecretInfoTLSNew(virConnectPtr conn, } +static void +qemuDomainSecretStorageSourceDestroy(virStorageSourcePtr src) +{ + qemuDomainStorageSourcePrivatePtr srcPriv =3D QEMU_DOMAIN_STORAGE_SOUR= CE_PRIVATE(src); + + if (srcPriv && srcPriv->secinfo) + qemuDomainSecretInfoFree(&srcPriv->secinfo); + + if (srcPriv && srcPriv->encinfo) + qemuDomainSecretInfoFree(&srcPriv->encinfo); +} + + /* qemuDomainSecretDiskDestroy: * @disk: Pointer to a disk definition * 
@@ -1332,13 +1345,10 @@ qemuDomainSecretInfoTLSNew(virConnectPtr conn, void qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk) { - qemuDomainStorageSourcePrivatePtr srcPriv =3D QEMU_DOMAIN_STORAGE_SOUR= CE_PRIVATE(disk->src); - - if (srcPriv && srcPriv->secinfo) - qemuDomainSecretInfoFree(&srcPriv->secinfo); + virStorageSourcePtr next; - if (srcPriv && srcPriv->encinfo) - qemuDomainSecretInfoFree(&srcPriv->encinfo); + for (next =3D disk->src; virStorageSourceIsBacking(next); next =3D nex= t->backingStore) + qemuDomainSecretStorageSourceDestroy(next); } --=20 2.14.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Apr 28 01:02:58 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1508510902810990.8076436488084; Fri, 20 Oct 2017 07:48:22 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 46092BDE1; Fri, 20 Oct 2017 13:49:39 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E175C60479; Fri, 20 Oct 2017 13:49:38 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A0F1B260; Fri, 20 Oct 2017 13:49:38 +0000 (UTC) Received: from 
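Review bot: qemuDomainSecretDiskDestroy now frees the secrets of every element of the backing chain, but the commit message has no body and the function comment shown as context ('@disk: Pointer to a disk definition') is left as it was. Please state in both that the whole chain is walked. In qemuDomainSecretStorageSourceDestroy the srcPriv check is repeated for secinfo and encinfo; an early 'if (!srcPriv) return;' would read more clearly.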
From: Peter Krempa To: libvir-list@redhat.com Date: Fri, 20 Oct 2017 15:47:35 +0200 Message-Id: <1253bff78ac230d361431a38d3ef63a1f0bec583.1508507145.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 10/12] qemu: domain: Remove pointless alias check X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Fri, 20 Oct 2017 13:49:39 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" When attaching the disks, aliases are always generated. Reviewed-by: John Ferlan --- src/qemu/qemu_domain.c | 8 -------- src/qemu/qemu_domain.h | 3 +-- src/qemu/qemu_hotplug.c | 2 +- src/qemu/qemu_process.c | 2 +- 4 files changed, 3 insertions(+), 12 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index c689911c4..aebe24e7b 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -7833,7 +7833,6 @@ qemuDomainPrepareChardevSource(virDomainDefPtr def, /* qemuProcessPrepareDiskSourceTLS: * @source: pointer to host interface data for disk device - * @diskAlias: alias use for the disk device * @cfg: driver configuration * * Updates host interface TLS encryption setting based on qemu.conf @@ -7844,7 +7843,6 @@ qemuDomainPrepareChardevSource(virDomainDefPtr def, */ int qemuDomainPrepareDiskSourceTLS(virStorageSourcePtr src, - const char *diskAlias, virQEMUDriverConfigPtr cfg) { 
@@ -7863,12 +7861,6 @@ qemuDomainPrepareDiskSourceTLS(virStorageSourcePtr s= rc, } if (src->haveTLS =3D=3D VIR_TRISTATE_BOOL_YES) { - if (!diskAlias) { - virReportError(VIR_ERR_INVALID_ARG, "%s", - _("disk does not have an alias")); - return -1; - } - /* Grab the vxhsTLSx509certdir and set the verify/listen value= s. * NB: tlsAlias filled in during qemuDomainGetTLSObjects. */ if (VIR_STRDUP(src->tlsCertdir, cfg->vxhsTLSx509certdir) < 0) diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index a8ad59d20..6615dabf9 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -882,9 +882,8 @@ void qemuDomainPrepareChardevSource(virDomainDefPtr def, int qemuDomainPrepareDiskSourceTLS(virStorageSourcePtr src, - const char *diskAlias, virQEMUDriverConfigPtr cfg) - ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(3); + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2); int qemuDomainPrepareShmemChardev(virDomainShmemDefPtr shmem) ATTRIBUTE_NONNULL(1); diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 91f7f9ed6..e4157f631 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -394,7 +394,7 @@ qemuDomainAttachDiskGeneric(virConnectPtr conn, if (encinfo && qemuBuildSecretInfoProps(encinfo, &encobjProps) < 0) goto error; - if (qemuDomainPrepareDiskSourceTLS(disk->src, disk->info.alias, cfg) <= 0) + if (qemuDomainPrepareDiskSourceTLS(disk->src, cfg) < 0) goto error; if (disk->src->haveTLS && diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 66e81bbe5..9bbfabcde 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c 
@@ -5301,7 +5301,7 @@ qemuProcessPrepareDomainStorage(virConnectPtr conn, continue; } - if (qemuDomainPrepareDiskSourceTLS(disk->src, disk->info.alias, cf= g) < 0) + if (qemuDomainPrepareDiskSourceTLS(disk->src, cfg) < 0) return -1; } --=20 2.14.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Apr 28 01:02:58 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1508513037858192.84558964295354; Fri, 20 Oct 2017 08:23:57 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 523ADC05166B; Fri, 20 Oct 2017 13:49:08 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 23F495D763; Fri, 20 Oct 2017 13:49:08 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id DC8D4180BACD; Fri, 20 Oct 2017 13:49:07 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v9KDmLsh020391 for ; Fri, 20 Oct 2017 09:48:21 -0400 Received: by smtp.corp.redhat.com (Postfix) id 6F1CA5EDF4; Fri, 20 Oct 2017 13:48:21 +0000 (UTC) Received: from 
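Review bot: The comment block edited in the first qemu_domain.c hunk is headed 'qemuProcessPrepareDiskSourceTLS' and documents '@source', while the function below it is qemuDomainPrepareDiskSourceTLS and its parameter is 'src'. Since this patch already removes the @diskAlias line from that comment, please correct the function and parameter names in the same change.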
angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8175B5D763; Fri, 20 Oct 2017 13:48:15 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 523ADC05166B Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=libvir-list-bounces@redhat.com From: Peter Krempa To: libvir-list@redhat.com Date: Fri, 20 Oct 2017 15:47:36 +0200 Message-Id: <9998930ab6c9bdf808e9f6c654869672f57f7e8f.1508507145.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 11/12] qemu: domain: Prepare TLS data for the whole backing chain X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Fri, 20 Oct 2017 13:49:08 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Iterate through the backing chain when setting up TLS for disks. Reviewed-by: John Ferlan --- src/qemu/qemu_domain.c | 41 ++++++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 19 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index aebe24e7b..3560cdd29 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -7845,28 +7845,31 @@ int qemuDomainPrepareDiskSourceTLS(virStorageSourcePtr src, virQEMUDriverConfigPtr cfg) { + virStorageSourcePtr next; - /* VxHS uses only client certificates and thus has no need for - * the server-key.pem nor a secret that could be used to decrypt - * the it, so no need to add a secinfo for a secret UUID. */ - if (src->type =3D=3D VIR_STORAGE_TYPE_NETWORK && - src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_VXHS) { - - if (src->haveTLS =3D=3D VIR_TRISTATE_BOOL_ABSENT) { - if (cfg->vxhsTLS) - src->haveTLS =3D VIR_TRISTATE_BOOL_YES; - else - src->haveTLS =3D VIR_TRISTATE_BOOL_NO; - src->tlsFromConfig =3D true; - } + for (next =3D src; virStorageSourceIsBacking(next); next =3D next->bac= kingStore) { + /* VxHS uses only client certificates and thus has no need for + * the server-key.pem nor a secret that could be used to decrypt + * the it, so no need to add a secinfo for a secret UUID. */ + if (next->type =3D=3D VIR_STORAGE_TYPE_NETWORK && + next->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_VXHS) { + + if (next->haveTLS =3D=3D VIR_TRISTATE_BOOL_ABSENT) { + if (cfg->vxhsTLS) + next->haveTLS =3D VIR_TRISTATE_BOOL_YES; + else + next->haveTLS =3D VIR_TRISTATE_BOOL_NO; + next->tlsFromConfig =3D true; + } - if (src->haveTLS =3D=3D VIR_TRISTATE_BOOL_YES) { - /* Grab the vxhsTLSx509certdir and set the verify/listen value= s. - * NB: tlsAlias filled in during qemuDomainGetTLSObjects. */ - if (VIR_STRDUP(src->tlsCertdir, cfg->vxhsTLSx509certdir) < 0) - return -1; + if (next->haveTLS =3D=3D VIR_TRISTATE_BOOL_YES) { + /* Grab the vxhsTLSx509certdir and set the verify/listen v= alues. + * NB: tlsAlias filled in during qemuDomainGetTLSObjects. 
= */ + if (VIR_STRDUP(next->tlsCertdir, cfg->vxhsTLSx509certdir) = < 0) + return -1; - src->tlsVerify =3D true; + next->tlsVerify =3D true; + } } } --=20 2.14.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Apr 28 01:02:58 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1508511996889163.75016158420055; Fri, 20 Oct 2017 08:06:36 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A26F099DA7; Fri, 20 Oct 2017 13:49:41 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7E35C5BD46; Fri, 20 Oct 2017 13:49:41 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 3AEAB180BACF; Fri, 20 Oct 2017 13:49:41 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v9KDmMsq020396 for ; Fri, 20 Oct 2017 09:48:22 -0400 Received: by smtp.corp.redhat.com (Postfix) id 81EDE5D763; Fri, 20 Oct 2017 13:48:22 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 
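Review bot: qemuDomainPrepareDiskSourceTLS returns -1 from inside the new loop when VIR_STRDUP of tlsCertdir fails, which leaves the elements already visited with haveTLS, tlsFromConfig, tlsCertdir and tlsVerify set while the rest of the chain is untouched. Please confirm that callers discard the whole chain on failure, or note it in the function comment, which should also say that the function now walks the backing chain instead of a single source. The re-indented comment still reads 'decrypt the it'; this is a good moment to fix the wording.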
D5F465D762; Fri, 20 Oct 2017 13:48:21 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com A26F099DA7 Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=libvir-list-bounces@redhat.com From: Peter Krempa To: libvir-list@redhat.com Date: Fri, 20 Oct 2017 15:47:37 +0200 Message-Id: In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: Peter Krempa Subject: [libvirt] [PATCH 12/12] qemu: domain: skip chain detection to end of backing chain X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Fri, 20 Oct 2017 13:49:42 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" When a user provides the backing chain, we will not need to re-detect all the backing stores again, but should move to the end of the user specified chain. Additionally if a user provides a full terminated chain we should not attempt any further detection. Reviewed-by: John Ferlan --- src/qemu/qemu_domain.c | 48 +++++++++++++++++++++++++++++++++++++++-------= -- 1 file changed, 39 insertions(+), 9 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 3560cdd29..5973474ca 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -6030,27 +6030,57 @@ qemuDomainDetermineDiskChain(virQEMUDriverPtr drive= r, bool report_broken) { virQEMUDriverConfigPtr cfg =3D virQEMUDriverGetConfig(driver); - int ret =3D 0; + virStorageSourcePtr src =3D disk->src; + int ret =3D -1; uid_t uid; gid_t gid; - if (virStorageSourceIsEmpty(disk->src)) + if (virStorageSourceIsEmpty(src)) { + ret =3D 0; goto cleanup; + } if (virStorageSourceHasBacking(disk->src)) { - if (force_probe) - virStorageSourceBackingStoreClear(disk->src); - else - goto cleanup; + if (force_probe) { + virStorageSourceBackingStoreClear(src); + } else { + /* skip to the end of the chain */ + while (virStorageSourceIsBacking(src)) { + if (report_broken && + virStorageFileSupportsAccess(src)) { + + if (qemuDomainStorageFileInit(driver, vm, src, disk->s= rc) < 0) + goto cleanup; + + if (virStorageFileAccess(src, F_OK) < 0) { + virStorageFileReportBrokenChain(errno, src, disk->= src); + virStorageFileDeinit(src); + goto cleanup; + } + + virStorageFileDeinit(src); + } + src =3D src->backingStore; + } + } } - qemuDomainGetImageIds(cfg, vm, disk->src, NULL, &uid, &gid); + /* We skipped to the end of the chain. Skip detection if there's the + * terminator. (An allocated but empty backingStore) */ + if (src->backingStore) { + ret =3D 0; + goto cleanup; + } + + qemuDomainGetImageIds(cfg, vm, src, disk->src, &uid, &gid); - if (virStorageFileGetMetadata(disk->src, + if (virStorageFileGetMetadata(src, uid, gid, cfg->allowDiskFormatProbing, report_broken) < 0) - ret =3D -1; + goto cleanup; + + ret =3D 0; cleanup: virObjectUnref(cfg); --=20 2.14.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
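Review bot: In the 'skip to the end of the chain' loop of qemuDomainDetermineDiskChain, src is advanced until virStorageSourceIsBacking(src) is false, so on exit src is no longer the last image of the chain but whatever that image's backingStore pointed to. The check that follows, 'if (src->backingStore)', is described by its comment as looking for the terminator in backingStore, which only works if src is still the last real image. Assuming virStorageSourceIsBacking() returns false for a NULL or terminator source, a user-specified chain whose last backingStore is NULL would be dereferenced here, and a terminated chain would have the terminator itself handed to qemuDomainGetImageIds and virStorageFileGetMetadata. Please stop the loop one element earlier (for example by looping on virStorageSourceHasBacking(src), which the outer condition already uses) or add a NULL check, and cover both a terminated and an unterminated user-specified chain in a test.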