[libvirt] [PATCH] Fix security driver configuration
The security driver was mistakenly initialized before the QEMU config file was loaded. This prevents it being turned off again. The capabilities XML was also getting the wrong security driver name, due to the stacked driver arrangement. * src/qemu/qemu_driver.c: Fix initialization order and capabilities model name --- src/qemu/qemu_driver.c | 20 ++++++++++---------- 1 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 54d33cd..cac5b8a 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -933,7 +933,7 @@ qemudSecurityInit(struct qemud_driver *qemud_drv) static virCapsPtr qemuCreateCapabilities(virCapsPtr oldcaps, - virSecurityDriverPtr secDriver) + struct qemud_driver *driver) { virCapsPtr caps; @@ -951,11 +951,11 @@ qemuCreateCapabilities(virCapsPtr oldcaps, /* Security driver data */ - if (secDriver) { + if (driver->securityPrimaryDriver) { const char *doi, *model; - doi = virSecurityDriverGetDOI(secDriver); - model = virSecurityDriverGetModel(secDriver); + doi = virSecurityDriverGetDOI(driver->securityPrimaryDriver); + model = virSecurityDriverGetModel(driver->securityPrimaryDriver); if (!(caps->host.secModel.model = strdup(model))) goto no_memory; @@ -1098,20 +1098,20 @@ qemudStartup(int privileged) { virStrerror(-rc, buf, sizeof(buf))); } + if (qemudLoadDriverConfig(qemu_driver, driverConf) < 0) { + goto error; + } + if (qemudSecurityInit(qemu_driver) < 0) goto error; if ((qemu_driver->caps = qemuCreateCapabilities(NULL, - qemu_driver->securityDriver)) == NULL) + qemu_driver)) == NULL) goto error; if ((qemu_driver->activePciHostdevs = pciDeviceListNew()) == NULL) goto error; - if (qemudLoadDriverConfig(qemu_driver, driverConf) < 0) { - goto error; - } - if (privileged) { if (chown(qemu_driver->libDir, qemu_driver->user, qemu_driver->group) < 0) { virReportSystemError(errno, @@ -3065,7 +3065,7 @@ static char *qemudGetCapabilities(virConnectPtr conn) { qemuDriverLock(driver); if ((caps = qemuCreateCapabilities(qemu_driver->caps, - qemu_driver->securityDriver)) == NULL) { + qemu_driver)) == NULL) { virCapabilitiesFree(caps); goto cleanup; } -- 1.6.6
On Tue, Feb 09, 2010 at 07:04:48PM +0000, Daniel P. Berrange wrote:
The security driver was mistakenly initialized before the QEMU config file was loaded. This prevents it being turned off again. The capabilities XML was also getting the wrong security driver name, due to the stacked driver arrangement.
* src/qemu/qemu_driver.c: Fix initialization order and capabilities model name --- src/qemu/qemu_driver.c | 20 ++++++++++---------- 1 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 54d33cd..cac5b8a 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -933,7 +933,7 @@ qemudSecurityInit(struct qemud_driver *qemud_drv)
static virCapsPtr qemuCreateCapabilities(virCapsPtr oldcaps, - virSecurityDriverPtr secDriver) + struct qemud_driver *driver) { virCapsPtr caps;
@@ -951,11 +951,11 @@ qemuCreateCapabilities(virCapsPtr oldcaps,
/* Security driver data */ - if (secDriver) { + if (driver->securityPrimaryDriver) { const char *doi, *model;
- doi = virSecurityDriverGetDOI(secDriver); - model = virSecurityDriverGetModel(secDriver); + doi = virSecurityDriverGetDOI(driver->securityPrimaryDriver); + model = virSecurityDriverGetModel(driver->securityPrimaryDriver);
if (!(caps->host.secModel.model = strdup(model))) goto no_memory; @@ -1098,20 +1098,20 @@ qemudStartup(int privileged) { virStrerror(-rc, buf, sizeof(buf))); }
+ if (qemudLoadDriverConfig(qemu_driver, driverConf) < 0) { + goto error; + } + if (qemudSecurityInit(qemu_driver) < 0) goto error;
if ((qemu_driver->caps = qemuCreateCapabilities(NULL, - qemu_driver->securityDriver)) == NULL) + qemu_driver)) == NULL) goto error;
if ((qemu_driver->activePciHostdevs = pciDeviceListNew()) == NULL) goto error;
- if (qemudLoadDriverConfig(qemu_driver, driverConf) < 0) { - goto error; - } - if (privileged) { if (chown(qemu_driver->libDir, qemu_driver->user, qemu_driver->group) < 0) { virReportSystemError(errno, @@ -3065,7 +3065,7 @@ static char *qemudGetCapabilities(virConnectPtr conn) { qemuDriverLock(driver);
if ((caps = qemuCreateCapabilities(qemu_driver->caps, - qemu_driver->securityDriver)) == NULL) { + qemu_driver)) == NULL) { virCapabilitiesFree(caps); goto cleanup; }
ACK, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/
participants (2)
-
Daniel P. Berrange -
Daniel Veillard