Commit id '2c322378' missed the nuance that the redirdev backend could
be using a TCP chardev and if TLS is enabled on the host, thus will need
to have the TLS object added.
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
src/qemu/qemu_hotplug.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index cdd9222..4b2a24c 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -1505,11 +1505,16 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr driver,
virDomainRedirdevDefPtr redirdev)
{
int ret = -1;
+ int rc;
+ virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
qemuDomainObjPrivatePtr priv = vm->privateData;
virDomainDefPtr def = vm->def;
char *charAlias = NULL;
char *devstr = NULL;
bool chardevAdded = false;
+ bool tlsobjAdded = false;
+ virJSONValuePtr tlsProps = NULL;
+ char *tlsAlias = NULL;
virErrorPtr orig_err;
if (qemuAssignDeviceRedirdevAlias(def, redirdev, -1) < 0)
@@ -1524,7 +1529,21 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr driver,
if (VIR_REALLOC_N(def->redirdevs, def->nredirdevs+1) < 0)
goto cleanup;
+ if (redirdev->source.chr.type == VIR_DOMAIN_CHR_TYPE_TCP &&
+ qemuDomainGetChardevTLSObjects(cfg, priv, &(redirdev->source.chr),
+ charAlias, &tlsProps, &tlsAlias) < 0)
+ goto cleanup;
+
qemuDomainObjEnterMonitor(driver, vm);
+ if (tlsAlias) {
+ rc = qemuMonitorAddObject(priv->mon, "tls-creds-x509",
+ tlsAlias, tlsProps);
+ tlsProps = NULL; /* qemuMonitorAddObject consumes */
+ if (rc < 0)
+ goto exit_monitor;
+ tlsobjAdded = true;
+ }
+
if (qemuMonitorAttachCharDev(priv->mon,
charAlias,
&(redirdev->source.chr)) < 0)
@@ -1542,12 +1561,17 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr driver,
audit:
virDomainAuditRedirdev(vm, redirdev, "attach", ret == 0);
cleanup:
+ VIR_FREE(tlsAlias);
+ virJSONValueFree(tlsProps);
VIR_FREE(charAlias);
VIR_FREE(devstr);
+ virObjectUnref(cfg);
return ret;
exit_monitor:
orig_err = virSaveLastError();
+ if (tlsobjAdded)
+ ignore_value(qemuMonitorDelObject(priv->mon, tlsAlias));
/* detach associated chardev on error */
if (chardevAdded)
ignore_value(qemuMonitorDetachCharDev(priv->mon, charAlias));
--
2.7.4