On Fri, Apr 23, 2010 at 11:49:38AM +0100, Daniel P. Berrange wrote:
In cases where the security driver failed to restore a label after a
guest has saved, we mistakenly jumped to the error cleanup paths.
This is not good, because the operation has in fact completed and
cannot be rolled back completely. Label restore is non-critical, so
just log the problem instead. Also add a missing restore call in
the error cleanup path
* src/qemu/qemu_driver.c: Fix handling of security driver
restore failures in QEMU domain save
---
src/qemu/qemu_driver.c | 48 +++++++++++++++++++++++++-----------------------
1 files changed, 25 insertions(+), 23 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index faecfb7..862c030 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5052,16 +5052,13 @@ static int qemudDomainSaveFlag(virDomainPtr dom, const char
*path,
driver->securityDriver &&
driver->securityDriver->domainRestoreSavedStateLabel &&
driver->securityDriver->domainRestoreSavedStateLabel(vm, path) == -1)
- goto endjob;
+ VIR_WARN("failed to restore save state label on %s", path);
if (cgroup != NULL) {
rc = virCgroupDenyDevicePath(cgroup, path);
- if (rc != 0) {
- virReportSystemError(-rc,
- _("Unable to deny device %s for %s"),
- path, vm->def->name);
- goto endjob;
- }
+ if (rc != 0)
+ VIR_WARN("Unable to deny device %s for %s %d",
+ path, vm->def->name, rc);
}
ret = 0;
@@ -5080,24 +5077,29 @@ static int qemudDomainSaveFlag(virDomainPtr dom, const char
*path,
endjob:
if (vm) {
- if (ret != 0 && header.was_running && priv->mon) {
- qemuDomainObjEnterMonitorWithDriver(driver, vm);
- rc = qemuMonitorStartCPUs(priv->mon, dom->conn);
- qemuDomainObjExitMonitorWithDriver(driver, vm);
- if (rc < 0)
- VIR_WARN0("Unable to resume guest CPUs after save failure");
- else
- vm->state = VIR_DOMAIN_RUNNING;
- }
+ if (ret != 0) {
+ if (header.was_running && priv->mon) {
+ qemuDomainObjEnterMonitorWithDriver(driver, vm);
+ rc = qemuMonitorStartCPUs(priv->mon, dom->conn);
+ qemuDomainObjExitMonitorWithDriver(driver, vm);
+ if (rc < 0)
+ VIR_WARN0("Unable to resume guest CPUs after save
failure");
+ else
+ vm->state = VIR_DOMAIN_RUNNING;
+ }
- if (ret != 0 && cgroup != NULL) {
- rc = virCgroupDenyDevicePath(cgroup, path);
- if (rc != 0) {
- virReportSystemError(-rc,
- _("Unable to deny device %s for %s"),
- path, vm->def->name);
- goto endjob;
+ if (cgroup != NULL) {
+ rc = virCgroupDenyDevicePath(cgroup, path);
+ if (rc != 0)
+ VIR_WARN("Unable to deny device %s for %s: %d",
+ path, vm->def->name, rc);
}
+
+ if ((!bypassSecurityDriver) &&
+ driver->securityDriver &&
+ driver->securityDriver->domainRestoreSavedStateLabel &&
+ driver->securityDriver->domainRestoreSavedStateLabel(vm, path) ==
-1)
+ VIR_WARN("failed to restore save state label on %s", path);
}
if (qemuDomainObjEndJob(vm) == 0)
ACK,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit
http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine
http://rpmfind.net/
http://veillard.com/ | virtualization library
http://libvirt.org/