Re: [PATCH v2 02/14] qemu: Introduce qemuDomainSecretMigratePrepare

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 02/24/2017 12:08 PM, Jiri Denemark wrote:
> On Thu, Feb 23, 2017 at 13:42:04 -0500, John Ferlan wrote:
>> Introduce API to Prepare a qemuDomainSecretInfoPtr to be
>> used with a migrate or nbd TLS object
>>
>> Also alter the error message in ChardevPrepare when UUIDParse fails
>> to be consistent with the message for MigratePrepare
>>
>> Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx>
>> ---
>>  src/qemu/qemu_domain.c | 48 ++++++++++++++++++++++++++--
>>  src/qemu/qemu_domain.h | 85 ++++++++++++++++++++++++++++----------------------
>>  2 files changed, 94 insertions(+), 39 deletions(-)
>>
>> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
>> index b7594b3..40c9dab 100644
>> --- a/src/qemu/qemu_domain.c
>> +++ b/src/qemu/qemu_domain.c
>> @@ -1353,8 +1353,9 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn,
>>  
>>          if (virUUIDParse(cfg->chardevTLSx509secretUUID,
>>                           seclookupdef.u.uuid) < 0) {
>> -            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
>> -                           _("malformed chardev TLS secret uuid in qemu.conf"));
>> +            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>> +                           _("malformed TLS secret uuid '%s' in qemu.conf"),
>> +                           cfg->chardevTLSx509secretUUID);
>>              return -1;
>>          }
>>          seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
>> @@ -1379,6 +1380,47 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn,
>>  }
>>  
>>  
>> +/* qemuDomainSecretMigratePrepare
>> + * @conn: Pointer to connection
>> + * @priv: pointer to domain private object
>> + * @srcAlias: Alias to use (either migrate or nbd)
>> + * @secretUUID: UUID for the secret from the cfg (migrate or nbd)
>> + *
>> + * Create and prepare the qemuDomainSecretInfoPtr to be used for either
>> + * a migration or nbd. Unlike other domain secret prepare functions, this
>> + * is only expected to be called for a single object/instance. Theoretically
>> + * the object could be reused, although that results in keeping a secret
>> + * stored in memory for perhaps longer than expected or necessary.
>> + *
>> + * Returns 0 on success, -1 on failure
>> + */
>> +int
>> +qemuDomainSecretMigratePrepare(virConnectPtr conn,
>> +                               qemuDomainObjPrivatePtr priv,
>> +                               const char *srcAlias,
>> +                               const char *secretUUID)
>> +{
>> +    virSecretLookupTypeDef seclookupdef = {0};
>> +
>> +    if (virUUIDParse(secretUUID, seclookupdef.u.uuid) < 0) {
>> +        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>> +                       _("malformed TLS secret uuid '%s' in qemu.conf"),
>> +                       secretUUID);
>> +        return -1;
>> +    }
>> +    seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
> 
> I hoped this would go inside qemuDomainSecretInfoNew, but you made it
> general so that it can be used in places which need different
> seclookupdef...
> 

Right... and chardev/migration are the only two using a secret UUID from
qemu.conf.  The migration one is generic (secretUUID)

I could move the code into the SecretInfoNew, but then someone could say
what does parsing the UUID have to do with creating a SecretInfo - it's
damned if you do and damned if you don't type situation.

I'd rather keep this as is and pass the &seclookupdef

>> +
>> +    if (!(priv->migSecinfo =
>> +          qemuDomainSecretInfoNew(conn, priv, srcAlias,
>> +                                  VIR_SECRET_USAGE_TYPE_TLS, NULL,
>> +                                  &seclookupdef, false, "TLS X.509")))
> 
> This will obviously need to be changed according to the changes in the
> previous patch.

Yep.


John
> 
> Jirka
> 

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]
  Powered by Linux