Re: [libvirt] [PATCHv7 2/2] domain: conf: Fix secret type checking for network volumes

On Thu, Jan 30, 2014 at 9:46 AM, Ján Tomko <jtomko(a)redhat.com <mailto:jtomko@redhat.com>> wrote: On 01/23/2014 08:45 PM, Adam Walters wrote: > This patch fixes the secret type checking done in the > virDomainDiskDefParseXML function. Previously, it would not allow any > volumes that utilized a secret. This patch is a simple bypass of the > checking code for volumes. > > Signed-off-by: Adam Walters <adam(a)pandorasboxen.com <mailto:adam@pandorasboxen.com>> > --- > src/conf/domain_conf.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c > index 28e24f9..773dc26 100644 > --- a/src/conf/domain_conf.c > +++ b/src/conf/domain_conf.c > @@ -5418,7 +5418,8 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt, > cur = cur->next; > } > > - if (auth_secret_usage != -1 && auth_secret_usage != expected_secret_usage) { > + if (auth_secret_usage != -1 && auth_secret_usage != expected_secret_usage && > + def->type != VIR_DOMAIN_DISK_TYPE_VOLUME) { > virReportError(VIR_ERR_INTERNAL_ERROR, > _("invalid secret type '%s'"), > virSecretUsageTypeTypeToString(auth_secret_usage)); So an rbd volume can have a secret when the pool has auth set to none? Otherwise it seems the volume's secret data might get overwritten by qemuTranslateDiskSourcePoolAuth. The purpose of this is to bypass the secret type checking for volumes (not just RBD volumes).

Above this section of code, but in the same function, there is some code that populates the expected_secret_usage variable. Looking back on it now, I think I may have an alternative solution. I think I might be able to set expected_secret_usage properly by referencing def->srcpool->pooltype above this to check it like is done for non-storage pool RBD disks.