From nobody Fri Dec 19 18:47:40 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1548259906678872.3910711434453; Wed, 23 Jan 2019 08:11:46 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A342280F95; Wed, 23 Jan 2019 16:11:44 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 69E4A17AF6; Wed, 23 Jan 2019 16:11:44 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 186903F611; Wed, 23 Jan 2019 16:11:44 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x0NGBM8L014106 for ; Wed, 23 Jan 2019 11:11:22 -0500 Received: by smtp.corp.redhat.com (Postfix) id D09CD5D739; Wed, 23 Jan 2019 16:11:22 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.229]) by smtp.corp.redhat.com (Postfix) with ESMTP id 56A995D6A6 for ; Wed, 23 Jan 2019 16:11:22 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Wed, 23 Jan 2019 17:11:06 +0100 Message-Id: <2ada12bb6966c8dd274978fdf85102d79b2d384e.1548259711.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 11/11] qemu: Label backing chain of user-provided target of blockCopy when starting the job X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Wed, 23 Jan 2019 16:11:45 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Be more sensible when setting labels of the target of a virDomainBlockCopy operation. Previously we'd relabel everything in case it's a copy job even if there's no unlabelled backing chain. Since we are also not sure whether the backing chain is shared we don't relabel the chain on completion of the blockjob. This certainly won't play nice with the image permission relabelling feature. While this does not fix the case where the image is reused and has backing chain it certainly sanitizes all the other cases. Later on it will also allow to do the correct thing in cases where only one layer was introduced. Signed-off-by: Peter Krempa Reviewed-by: John Ferlan --- src/qemu/qemu_driver.c | 43 ++++++++++++++++++++--------------------- src/qemu/qemu_process.c | 22 +++++++++++++++++++++ 2 files changed, 43 insertions(+), 22 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 79a767288e..2c2c0ce92e 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -17170,26 +17170,6 @@ qemuDomainBlockPivot(virQEMUDriverPtr driver, goto cleanup; } - /* For active commit, the mirror is part of the already labeled - * chain. For blockcopy, we previously labeled only the top-level - * image; but if the user is reusing an external image that - * includes a backing file, the pivot may result in qemu needing - * to open the entire backing chain, so we need to label the - * entire chain. This action is safe even if the backing chain - * has already been labeled; but only necessary when we know for - * sure that there is a backing chain. */ - if (disk->mirrorJob =3D=3D VIR_DOMAIN_BLOCK_JOB_TYPE_COPY) { - if (qemuDomainDetermineDiskChain(driver, vm, disk, disk->mirror, t= rue) < 0) - goto cleanup; - - if (disk->mirror->format && - disk->mirror->format !=3D VIR_STORAGE_FILE_RAW && - (qemuDomainNamespaceSetupDisk(vm, disk->mirror) < 0 || - qemuSetupImageChainCgroup(vm, disk->mirror) < 0 || - qemuSecuritySetImageLabel(driver, vm, disk->mirror, true) < 0= )) - goto cleanup; - } - /* Attempt the pivot. Record the attempt now, to prevent duplicate * attempts; but the actual disk change will be made when emitting * the event. @@ -17836,9 +17816,28 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm, keepParentLabel) < 0) goto endjob; - if (qemuDomainDiskChainElementPrepare(driver, vm, mirror, false, true)= < 0) { - qemuDomainDiskChainElementRevoke(driver, vm, mirror); + /* If reusing an external image that includes a backing file, the pivo= t may + * result in qemu needing to open the entire backing chain, so we need= to + * label the full backing chain of the mirror instead of just the top = image */ + if (flags & VIR_DOMAIN_BLOCK_COPY_REUSE_EXT && + mirror->format >=3D VIR_STORAGE_FILE_BACKING && + qemuDomainDetermineDiskChain(driver, vm, disk, mirror, true) < 0) goto endjob; + + if (flags & VIR_DOMAIN_BLOCK_COPY_REUSE_EXT && + virStorageSourceHasBacking(mirror)) { + /* note that we don't really know whether a part of the backing ch= ain + * is shared so rolling this back is not as easy. Thus we do it on= ly + * if there's a backing chain */ + if (qemuDomainNamespaceSetupDisk(vm, mirror) < 0 || + qemuSetupImageChainCgroup(vm, disk->mirror) < 0 || + qemuSecuritySetImageLabel(driver, vm, disk->mirror, true) < 0) + goto endjob; + } else { + if (qemuDomainDiskChainElementPrepare(driver, vm, mirror, false, t= rue) < 0) { + qemuDomainDiskChainElementRevoke(driver, vm, mirror); + goto endjob; + } } if (!(job =3D qemuBlockJobDiskNew(disk, QEMU_BLOCKJOB_TYPE_COPY, devic= e))) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index fb596d960f..c9e68397b6 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -7857,6 +7857,7 @@ qemuProcessRefreshLegacyBlockjob(void *payload, virDomainDiskDefPtr disk; qemuBlockJobDataPtr job; qemuBlockJobType jobtype =3D info->type; + qemuDomainObjPrivatePtr priv =3D vm->privateData; if (!(disk =3D qemuProcessFindDomainDiskByAliasOrQOM(vm, jobname, jobn= ame))) { VIR_DEBUG("could not find disk for block job '%s'", jobname); @@ -7878,8 +7879,29 @@ qemuProcessRefreshLegacyBlockjob(void *payload, disk->mirrorState =3D VIR_DOMAIN_DISK_MIRROR_STATE_READY; job->state =3D VIR_DOMAIN_BLOCK_JOB_READY; } + + /* Pre-blockdev block copy labelled the chain of the mirrored devi= ce + * just before pivoting. At that point it was no longer known whet= her + * it's even necessary (e.g. disk is being reused). This code fixes + * the labelling in case the job was started in a libvirt version + * which did not label the chain when the block copy is being star= ted. + * Note that we can't do much on failure. */ + if (disk->mirrorJob =3D=3D VIR_DOMAIN_BLOCK_JOB_TYPE_COPY) { + if (qemuDomainDetermineDiskChain(priv->driver, vm, disk, + disk->mirror, true) < 0) + goto cleanup; + + if (disk->mirror->format && + disk->mirror->format !=3D VIR_STORAGE_FILE_RAW && + (qemuDomainNamespaceSetupDisk(vm, disk->mirror) < 0 || + qemuSetupImageChainCgroup(vm, disk->mirror) < 0 || + qemuSecuritySetImageLabel(priv->driver, vm, disk->mirror, + true) < 0)) + goto cleanup; + } } + cleanup: qemuBlockJobStartupFinalize(job); return 0; --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list