On Wed, Jun 22, 2016 at 07:46:33 -0400, John Ferlan wrote:
Commit id 'a1344f70a' added AES secret processing for RBD when starting
up a guest. As such, when the hotplug code calls qemuDomainSecretDiskPrepare
an AES secret could be added to the disk about to be hotplugged. If an AES
secret was added, then the hotplug code would need to generate the secret
object because qemuBuildDriveStr would add the "password-secret=" to the
returned 'driveStr' rather than the base64 encoded password.
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
src/qemu/qemu_hotplug.c | 44 ++++++++++++++++++++++++++++++++++++++------
1 file changed, 38 insertions(+), 6 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index f695903..a85467f 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
[...]
@@ -3422,12 +3446,14 @@
qemuDomainDetachVirtioDiskDevice(virQEMUDriverPtr driver,
qemuDomainMarkDeviceForRemoval(vm, &detach->info);
qemuDomainObjEnterMonitor(driver, vm);
- if (qemuMonitorDelDevice(priv->mon, detach->info.alias) < 0) {
- if (qemuDomainObjExitMonitor(driver, vm) < 0)
- goto cleanup;
- virDomainAuditDisk(vm, detach->src, NULL, "detach", false);
- goto cleanup;
+ if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES) {
This won't be initialized if you restart the daemon and thus the secret
object would not be deleted in such a case.
To make it a bit worse, you can't call qemuDomainSecretPrepare since the
secrets may be missing and are not really needed at this point. You need,
though, to generate the correct alias and use it in such a case.
+ if (qemuMonitorDelObject(priv->mon,
secinfo->s.aes.alias) < 0)
+ goto faildel;
}
+
+ if (qemuMonitorDelDevice(priv->mon, detach->info.alias) < 0)
+ goto faildel;
+
if (qemuDomainObjExitMonitor(driver, vm) < 0)
goto cleanup;
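Review bot: In the new "if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES)" block, qemuMonitorDelObject() on secinfo->s.aes.alias runs before qemuMonitorDelDevice(), so the secret object is removed while the disk device is still attached, and a failure there jumps to faildel without the device removal ever being requested. Consider issuing qemuMonitorDelDevice() first and deleting the secret object only once the device is gone, so a failed object cleanup cannot block the detach. The faildel label is outside the visible lines, so it is worth confirming that it still calls qemuDomainObjExitMonitor() and still emits the virDomainAuditDisk(vm, detach->src, NULL, "detach", false) record that the removed lines produced on failure.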
Peter