During domain startup there are many places where we need to acquire secrets. Currently code passes around a virConnectPtr, except in the places where we pass in NULL. So there are a few codepaths where ability to start guests using secrets will fail. Change to acquire a handle to the secret driver when needed. Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> --- src/qemu/qemu_domain.c | 111 ++++++++++++++++++++++------------------------ src/qemu/qemu_domain.h | 15 +++---- src/qemu/qemu_driver.c | 18 ++++---- src/qemu/qemu_hotplug.c | 64 +++++++++++--------------- src/qemu/qemu_hotplug.h | 15 +++---- src/qemu/qemu_migration.c | 10 ++--- src/qemu/qemu_process.c | 40 +++++------------ tests/qemuhotplugtest.c | 4 +- 8 files changed, 114 insertions(+), 163 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 84207db16a..27063873a4 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1151,7 +1151,6 @@ qemuDomainChrSourcePrivateDispose(void *obj) /* qemuDomainSecretPlainSetup: - * @conn: Pointer to connection * @secinfo: Pointer to secret info * @usageType: The virSecretUsageType * @username: username to use for authentication (may be NULL) @@ -1162,24 +1161,33 @@ qemuDomainChrSourcePrivateDispose(void *obj) * Returns 0 on success, -1 on failure with error message */ static int -qemuDomainSecretPlainSetup(virConnectPtr conn, - qemuDomainSecretInfoPtr secinfo, +qemuDomainSecretPlainSetup(qemuDomainSecretInfoPtr secinfo, virSecretUsageType usageType, const char *username, virSecretLookupTypeDefPtr seclookupdef) { + virConnectPtr conn; + int ret = -1; + + conn = virGetConnectSecret(); + if (!conn) + return -1; + secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN; if (VIR_STRDUP(secinfo->s.plain.username, username) < 0) - return -1; + goto cleanup; - return virSecretGetSecretString(conn, seclookupdef, usageType, - &secinfo->s.plain.secret, - &secinfo->s.plain.secretlen); + ret = virSecretGetSecretString(conn, seclookupdef, usageType, + &secinfo->s.plain.secret, + &secinfo->s.plain.secretlen); + + cleanup: + virObjectUnref(conn); + return ret; } /* qemuDomainSecretAESSetup: - * @conn: Pointer to connection * @priv: pointer to domain private object * @secinfo: Pointer to secret info * @srcalias: Alias of the disk/hostdev used to generate the secret alias @@ -1193,8 +1201,7 @@ qemuDomainSecretPlainSetup(virConnectPtr conn, * Returns 0 on success, -1 on failure with error message */ static int -qemuDomainSecretAESSetup(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +qemuDomainSecretAESSetup(qemuDomainObjPrivatePtr priv, qemuDomainSecretInfoPtr secinfo, const char *srcalias, virSecretUsageType usageType, @@ -1202,6 +1209,7 @@ qemuDomainSecretAESSetup(virConnectPtr conn, virSecretLookupTypeDefPtr seclookupdef, bool isLuks) { + virConnectPtr conn; int ret = -1; uint8_t *raw_iv = NULL; size_t ivlen = QEMU_DOMAIN_AES_IV_LEN; @@ -1210,16 +1218,20 @@ qemuDomainSecretAESSetup(virConnectPtr conn, uint8_t *ciphertext = NULL; size_t ciphertextlen = 0; + conn = virGetConnectSecret(); + if (!conn) + return -1; + secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_AES; if (VIR_STRDUP(secinfo->s.aes.username, username) < 0) - return -1; + goto cleanup; if (!(secinfo->s.aes.alias = qemuDomainGetSecretAESAlias(srcalias, isLuks))) - return -1; + goto cleanup; /* Create a random initialization vector */ if (!(raw_iv = virCryptoGenerateRandom(ivlen))) - return -1; + goto cleanup; /* Encode the IV and save that since qemu will need it */ if (!(secinfo->s.aes.iv = virStringEncodeBase64(raw_iv, ivlen))) @@ -1250,13 +1262,12 @@ qemuDomainSecretAESSetup(virConnectPtr conn, VIR_DISPOSE_N(raw_iv, ivlen); VIR_DISPOSE_N(secret, secretlen); VIR_DISPOSE_N(ciphertext, ciphertextlen); - + virObjectUnref(conn); return ret; } /* qemuDomainSecretSetup: - * @conn: Pointer to connection * @priv: pointer to domain private object * @secinfo: Pointer to secret info * @srcalias: Alias of the disk/hostdev used to generate the secret alias @@ -1273,8 +1284,7 @@ qemuDomainSecretAESSetup(virConnectPtr conn, * Returns 0 on success, -1 on failure */ static int -qemuDomainSecretSetup(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +qemuDomainSecretSetup(qemuDomainObjPrivatePtr priv, qemuDomainSecretInfoPtr secinfo, const char *srcalias, virSecretUsageType usageType, @@ -1291,12 +1301,12 @@ qemuDomainSecretSetup(virConnectPtr conn, (usageType == VIR_SECRET_USAGE_TYPE_ISCSI && iscsiHasPS) || usageType == VIR_SECRET_USAGE_TYPE_VOLUME || usageType == VIR_SECRET_USAGE_TYPE_TLS)) { - if (qemuDomainSecretAESSetup(conn, priv, secinfo, srcalias, + if (qemuDomainSecretAESSetup(priv, secinfo, srcalias, usageType, username, seclookupdef, isLuks) < 0) return -1; } else { - if (qemuDomainSecretPlainSetup(conn, secinfo, usageType, + if (qemuDomainSecretPlainSetup(secinfo, usageType, username, seclookupdef) < 0) return -1; } @@ -1305,7 +1315,6 @@ qemuDomainSecretSetup(virConnectPtr conn, /* qemuDomainSecretInfoNew: - * @conn: Pointer to connection * @priv: pointer to domain private object * @srcAlias: Alias base to use for TLS object * @usageType: Secret usage type @@ -1319,8 +1328,7 @@ qemuDomainSecretSetup(virConnectPtr conn, * to eventually free @secinfo. */ static qemuDomainSecretInfoPtr -qemuDomainSecretInfoNew(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +qemuDomainSecretInfoNew(qemuDomainObjPrivatePtr priv, const char *srcAlias, virSecretUsageType usageType, const char *username, @@ -1332,7 +1340,7 @@ qemuDomainSecretInfoNew(virConnectPtr conn, if (VIR_ALLOC(secinfo) < 0) return NULL; - if (qemuDomainSecretSetup(conn, priv, secinfo, srcAlias, usageType, + if (qemuDomainSecretSetup(priv, secinfo, srcAlias, usageType, username, lookupDef, isLuks) < 0) goto error; @@ -1352,7 +1360,6 @@ qemuDomainSecretInfoNew(virConnectPtr conn, /** * qemuDomainSecretInfoTLSNew: - * @conn: Pointer to connection * @priv: pointer to domain private object * @srcAlias: Alias base to use for TLS object * @secretUUID: Provide a secretUUID value to look up/create the secretInfo @@ -1363,8 +1370,7 @@ qemuDomainSecretInfoNew(virConnectPtr conn, * Returns qemuDomainSecretInfoPtr or NULL on error. */ qemuDomainSecretInfoPtr -qemuDomainSecretInfoTLSNew(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +qemuDomainSecretInfoTLSNew(qemuDomainObjPrivatePtr priv, const char *srcAlias, const char *secretUUID) { @@ -1378,7 +1384,7 @@ qemuDomainSecretInfoTLSNew(virConnectPtr conn, } seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID; - return qemuDomainSecretInfoNew(conn, priv, srcAlias, + return qemuDomainSecretInfoNew(priv, srcAlias, VIR_SECRET_USAGE_TYPE_TLS, NULL, &seclookupdef, false); } @@ -1440,7 +1446,6 @@ qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src) /** * qemuDomainSecretStorageSourcePrepare: - * @conn: connection object - for secret lookup * @priv: domain private object * @src: storage source struct to setup * @authalias: prefix of the alias for secret holding authentication data @@ -1454,8 +1459,7 @@ qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src) * Returns 0 on success; -1 on error while reporting an libvirt error. */ static int -qemuDomainSecretStorageSourcePrepare(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +qemuDomainSecretStorageSourcePrepare(qemuDomainObjPrivatePtr priv, virStorageSourcePtr src, const char *authalias, const char *encalias) @@ -1479,7 +1483,7 @@ qemuDomainSecretStorageSourcePrepare(virConnectPtr conn, usageType = VIR_SECRET_USAGE_TYPE_CEPH; if (!(srcPriv->secinfo = - qemuDomainSecretInfoNew(conn, priv, authalias, + qemuDomainSecretInfoNew(priv, authalias, usageType, src->auth->username, &src->auth->seclookupdef, false))) return -1; @@ -1487,7 +1491,7 @@ qemuDomainSecretStorageSourcePrepare(virConnectPtr conn, if (hasEnc) { if (!(srcPriv->encinfo = - qemuDomainSecretInfoNew(conn, priv, encalias, + qemuDomainSecretInfoNew(priv, encalias, VIR_SECRET_USAGE_TYPE_VOLUME, NULL, &src->encryption->secrets[0]->seclookupdef, true))) @@ -1499,7 +1503,6 @@ qemuDomainSecretStorageSourcePrepare(virConnectPtr conn, /* qemuDomainSecretDiskPrepare: - * @conn: Pointer to connection * @priv: pointer to domain private object * @disk: Pointer to a disk definition * @@ -1509,11 +1512,10 @@ qemuDomainSecretStorageSourcePrepare(virConnectPtr conn, */ static int -qemuDomainSecretDiskPrepare(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +qemuDomainSecretDiskPrepare(qemuDomainObjPrivatePtr priv, virDomainDiskDefPtr disk) { - return qemuDomainSecretStorageSourcePrepare(conn, priv, disk->src, + return qemuDomainSecretStorageSourcePrepare(priv, disk->src, disk->info.alias, disk->info.alias); } @@ -1543,7 +1545,6 @@ qemuDomainSecretHostdevDestroy(virDomainHostdevDefPtr hostdev) /* qemuDomainSecretHostdevPrepare: - * @conn: Pointer to connection * @priv: pointer to domain private object * @hostdev: Pointer to a hostdev definition * @@ -1552,8 +1553,7 @@ qemuDomainSecretHostdevDestroy(virDomainHostdevDefPtr hostdev) * Returns 0 on success, -1 on failure */ int -qemuDomainSecretHostdevPrepare(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +qemuDomainSecretHostdevPrepare(qemuDomainObjPrivatePtr priv, virDomainHostdevDefPtr hostdev) { if (virHostdevIsSCSIDevice(hostdev)) { @@ -1571,7 +1571,7 @@ qemuDomainSecretHostdevPrepare(virConnectPtr conn, srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src); if (!(srcPriv->secinfo = - qemuDomainSecretInfoNew(conn, priv, hostdev->info->alias, + qemuDomainSecretInfoNew(priv, hostdev->info->alias, VIR_SECRET_USAGE_TYPE_ISCSI, src->auth->username, &src->auth->seclookupdef, @@ -1603,7 +1603,6 @@ qemuDomainSecretChardevDestroy(virDomainChrSourceDefPtr dev) /* qemuDomainSecretChardevPrepare: - * @conn: Pointer to connection * @cfg: Pointer to driver config object * @priv: pointer to domain private object * @chrAlias: Alias of the chr device @@ -1615,8 +1614,7 @@ qemuDomainSecretChardevDestroy(virDomainChrSourceDefPtr dev) * Returns 0 on success, -1 on failure */ int -qemuDomainSecretChardevPrepare(virConnectPtr conn, - virQEMUDriverConfigPtr cfg, +qemuDomainSecretChardevPrepare(virQEMUDriverConfigPtr cfg, qemuDomainObjPrivatePtr priv, const char *chrAlias, virDomainChrSourceDefPtr dev) @@ -1635,7 +1633,7 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn, return -1; chrSourcePriv->secinfo = - qemuDomainSecretInfoTLSNew(conn, priv, charAlias, + qemuDomainSecretInfoTLSNew(priv, charAlias, cfg->chardevTLSx509secretUUID); VIR_FREE(charAlias); @@ -1693,7 +1691,6 @@ qemuDomainSecretDestroy(virDomainObjPtr vm) /* qemuDomainSecretPrepare: - * @conn: Pointer to connection * @driver: Pointer to driver object * @vm: Domain object * @@ -1706,8 +1703,7 @@ qemuDomainSecretDestroy(virDomainObjPtr vm) * Returns 0 on success, -1 on failure with error message set */ int -qemuDomainSecretPrepare(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainSecretPrepare(virQEMUDriverPtr driver, virDomainObjPtr vm) { qemuDomainObjPrivatePtr priv = vm->privateData; @@ -1718,34 +1714,34 @@ qemuDomainSecretPrepare(virConnectPtr conn, /* disk secrets are prepared when preparing disks */ for (i = 0; i < vm->def->nhostdevs; i++) { - if (qemuDomainSecretHostdevPrepare(conn, priv, + if (qemuDomainSecretHostdevPrepare(priv, vm->def->hostdevs[i]) < 0) goto cleanup; } for (i = 0; i < vm->def->nserials; i++) { - if (qemuDomainSecretChardevPrepare(conn, cfg, priv, + if (qemuDomainSecretChardevPrepare(cfg, priv, vm->def->serials[i]->info.alias, vm->def->serials[i]->source) < 0) goto cleanup; } for (i = 0; i < vm->def->nparallels; i++) { - if (qemuDomainSecretChardevPrepare(conn, cfg, priv, + if (qemuDomainSecretChardevPrepare(cfg, priv, vm->def->parallels[i]->info.alias, vm->def->parallels[i]->source) < 0) goto cleanup; } for (i = 0; i < vm->def->nchannels; i++) { - if (qemuDomainSecretChardevPrepare(conn, cfg, priv, + if (qemuDomainSecretChardevPrepare(cfg, priv, vm->def->channels[i]->info.alias, vm->def->channels[i]->source) < 0) goto cleanup; } for (i = 0; i < vm->def->nconsoles; i++) { - if (qemuDomainSecretChardevPrepare(conn, cfg, priv, + if (qemuDomainSecretChardevPrepare(cfg, priv, vm->def->consoles[i]->info.alias, vm->def->consoles[i]->source) < 0) goto cleanup; @@ -1754,21 +1750,21 @@ qemuDomainSecretPrepare(virConnectPtr conn, for (i = 0; i < vm->def->nsmartcards; i++) if (vm->def->smartcards[i]->type == VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH && - qemuDomainSecretChardevPrepare(conn, cfg, priv, + qemuDomainSecretChardevPrepare(cfg, priv, vm->def->smartcards[i]->info.alias, vm->def->smartcards[i]->data.passthru) < 0) goto cleanup; for (i = 0; i < vm->def->nrngs; i++) { if (vm->def->rngs[i]->backend == VIR_DOMAIN_RNG_BACKEND_EGD && - qemuDomainSecretChardevPrepare(conn, cfg, priv, + qemuDomainSecretChardevPrepare(cfg, priv, vm->def->rngs[i]->info.alias, vm->def->rngs[i]->source.chardev) < 0) goto cleanup; } for (i = 0; i < vm->def->nredirdevs; i++) { - if (qemuDomainSecretChardevPrepare(conn, cfg, priv, + if (qemuDomainSecretChardevPrepare(cfg, priv, vm->def->redirdevs[i]->info.alias, vm->def->redirdevs[i]->source) < 0) goto cleanup; @@ -11459,15 +11455,14 @@ qemuDomainCheckMigrationCapabilities(virQEMUDriverPtr driver, int -qemuDomainPrepareDiskSource(virConnectPtr conn, - virDomainDiskDefPtr disk, +qemuDomainPrepareDiskSource(virDomainDiskDefPtr disk, qemuDomainObjPrivatePtr priv, virQEMUDriverConfigPtr cfg) { if (qemuDomainPrepareDiskSourceTLS(disk->src, cfg) < 0) return -1; - if (qemuDomainSecretDiskPrepare(conn, priv, disk) < 0) + if (qemuDomainSecretDiskPrepare(priv, disk) < 0) return -1; if (disk->src->type == VIR_STORAGE_TYPE_NETWORK && diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index f3ec5d8042..62d84a7364 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -836,24 +836,21 @@ bool qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src) ATTRIBUTE_NONNULL(1); qemuDomainSecretInfoPtr -qemuDomainSecretInfoTLSNew(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +qemuDomainSecretInfoTLSNew(qemuDomainObjPrivatePtr priv, const char *srcAlias, const char *secretUUID); void qemuDomainSecretHostdevDestroy(virDomainHostdevDefPtr disk) ATTRIBUTE_NONNULL(1); -int qemuDomainSecretHostdevPrepare(virConnectPtr conn, - qemuDomainObjPrivatePtr priv, +int qemuDomainSecretHostdevPrepare(qemuDomainObjPrivatePtr priv, virDomainHostdevDefPtr hostdev) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); void qemuDomainSecretChardevDestroy(virDomainChrSourceDefPtr dev) ATTRIBUTE_NONNULL(1); -int qemuDomainSecretChardevPrepare(virConnectPtr conn, - virQEMUDriverConfigPtr cfg, +int qemuDomainSecretChardevPrepare(virQEMUDriverConfigPtr cfg, qemuDomainObjPrivatePtr priv, const char *chrAlias, virDomainChrSourceDefPtr dev) @@ -863,8 +860,7 @@ int qemuDomainSecretChardevPrepare(virConnectPtr conn, void qemuDomainSecretDestroy(virDomainObjPtr vm) ATTRIBUTE_NONNULL(1); -int qemuDomainSecretPrepare(virConnectPtr conn, - virQEMUDriverPtr driver, +int qemuDomainSecretPrepare(virQEMUDriverPtr driver, virDomainObjPtr vm) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); @@ -1000,8 +996,7 @@ qemuDomainCheckMigrationCapabilities(virQEMUDriverPtr driver, qemuDomainAsyncJob asyncJob); int -qemuDomainPrepareDiskSource(virConnectPtr conn, - virDomainDiskDefPtr disk, +qemuDomainPrepareDiskSource(virDomainDiskDefPtr disk, qemuDomainObjPrivatePtr priv, virQEMUDriverConfigPtr cfg); diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 6eec6d282c..4533996201 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -7635,7 +7635,6 @@ qemuDomainUndefine(virDomainPtr dom) static int qemuDomainAttachDeviceLive(virDomainObjPtr vm, virDomainDeviceDefPtr dev, - virConnectPtr conn, virQEMUDriverPtr driver) { int ret = -1; @@ -7644,7 +7643,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm, switch ((virDomainDeviceType) dev->type) { case VIR_DOMAIN_DEVICE_DISK: qemuDomainObjCheckDiskTaint(driver, vm, dev->data.disk, NULL); - ret = qemuDomainAttachDeviceDiskLive(conn, driver, vm, dev); + ret = qemuDomainAttachDeviceDiskLive(driver, vm, dev); if (!ret) { alias = dev->data.disk->info.alias; dev->data.disk = NULL; @@ -7677,7 +7676,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm, case VIR_DOMAIN_DEVICE_HOSTDEV: qemuDomainObjCheckHostdevTaint(driver, vm, dev->data.hostdev, NULL); - ret = qemuDomainAttachHostDevice(conn, driver, vm, + ret = qemuDomainAttachHostDevice(driver, vm, dev->data.hostdev); if (!ret) { alias = dev->data.hostdev->info->alias; @@ -7686,7 +7685,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm, break; case VIR_DOMAIN_DEVICE_REDIRDEV: - ret = qemuDomainAttachRedirdevDevice(conn, driver, vm, + ret = qemuDomainAttachRedirdevDevice(driver, vm, dev->data.redirdev); if (!ret) { alias = dev->data.redirdev->info.alias; @@ -7695,7 +7694,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm, break; case VIR_DOMAIN_DEVICE_CHR: - ret = qemuDomainAttachChrDevice(conn, driver, vm, + ret = qemuDomainAttachChrDevice(driver, vm, dev->data.chr); if (!ret) { alias = dev->data.chr->info.alias; @@ -7704,7 +7703,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm, break; case VIR_DOMAIN_DEVICE_RNG: - ret = qemuDomainAttachRNGDevice(conn, driver, vm, + ret = qemuDomainAttachRNGDevice(driver, vm, dev->data.rng); if (!ret) { alias = dev->data.rng->info.alias; @@ -8441,8 +8440,7 @@ qemuDomainUpdateDeviceConfig(virDomainDefPtr vmdef, } static int -qemuDomainAttachDeviceLiveAndConfig(virConnectPtr conn, - virDomainObjPtr vm, +qemuDomainAttachDeviceLiveAndConfig(virDomainObjPtr vm, virQEMUDriverPtr driver, const char *xml, unsigned int flags) @@ -8501,7 +8499,7 @@ qemuDomainAttachDeviceLiveAndConfig(virConnectPtr conn, if (virDomainDefCompatibleDevice(vm->def, dev_copy) < 0) goto cleanup; - if ((ret = qemuDomainAttachDeviceLive(vm, dev_copy, conn, driver)) < 0) + if ((ret = qemuDomainAttachDeviceLive(vm, dev_copy, driver)) < 0) goto cleanup; /* * update domain status forcibly because the domain status may be @@ -8557,7 +8555,7 @@ qemuDomainAttachDeviceFlags(virDomainPtr dom, if (virDomainObjUpdateModificationImpact(vm, &flags) < 0) goto endjob; - if (qemuDomainAttachDeviceLiveAndConfig(dom->conn, vm, driver, xml, flags) < 0) + if (qemuDomainAttachDeviceLiveAndConfig(vm, driver, xml, flags) < 0) goto endjob; ret = 0; diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index a2268be576..1549d4b4d8 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -354,8 +354,7 @@ qemuDomainChangeEjectableMedia(virQEMUDriverPtr driver, * Attaches disk to a VM. This function aggregates common code for all bus types. * In cases when the VM crashed while adding the disk, -2 is returned. */ static int -qemuDomainAttachDiskGeneric(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAttachDiskGeneric(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainDiskDefPtr disk) { @@ -382,7 +381,7 @@ qemuDomainAttachDiskGeneric(virConnectPtr conn, if (qemuAssignDeviceDiskAlias(vm->def, disk) < 0) goto error; - if (qemuDomainPrepareDiskSource(conn, disk, priv, cfg) < 0) + if (qemuDomainPrepareDiskSource(disk, priv, cfg) < 0) goto error; srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src); @@ -487,8 +486,7 @@ qemuDomainAttachDiskGeneric(virConnectPtr conn, static int -qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAttachVirtioDiskDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainDiskDefPtr disk) { @@ -499,7 +497,7 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, if (qemuDomainEnsureVirtioAddress(&releaseaddr, vm, &dev, disk->dst) < 0) return -1; - if ((rv = qemuDomainAttachDiskGeneric(conn, driver, vm, disk)) < 0) { + if ((rv = qemuDomainAttachDiskGeneric(driver, vm, disk)) < 0) { if (rv == -1 && releaseaddr) qemuDomainReleaseDeviceAddress(vm, &disk->info, disk->dst); @@ -639,8 +637,7 @@ qemuDomainFindOrCreateSCSIDiskController(virQEMUDriverPtr driver, static int -qemuDomainAttachSCSIDisk(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAttachSCSIDisk(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainDiskDefPtr disk) { @@ -666,7 +663,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn, return -1; } - if (qemuDomainAttachDiskGeneric(conn, driver, vm, disk) < 0) + if (qemuDomainAttachDiskGeneric(driver, vm, disk) < 0) return -1; return 0; @@ -674,8 +671,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn, static int -qemuDomainAttachUSBMassStorageDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAttachUSBMassStorageDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainDiskDefPtr disk) { @@ -686,7 +682,7 @@ qemuDomainAttachUSBMassStorageDevice(virConnectPtr conn, return -1; } - if (qemuDomainAttachDiskGeneric(conn, driver, vm, disk) < 0) { + if (qemuDomainAttachDiskGeneric(driver, vm, disk) < 0) { virDomainUSBAddressRelease(priv->usbaddrs, &disk->info); return -1; } @@ -696,8 +692,7 @@ qemuDomainAttachUSBMassStorageDevice(virConnectPtr conn, int -qemuDomainAttachDeviceDiskLive(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAttachDeviceDiskLive(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainDeviceDefPtr dev) { @@ -761,15 +756,15 @@ qemuDomainAttachDeviceDiskLive(virConnectPtr conn, _("disk device='lun' is not supported for usb bus")); break; } - ret = qemuDomainAttachUSBMassStorageDevice(conn, driver, vm, disk); + ret = qemuDomainAttachUSBMassStorageDevice(driver, vm, disk); break; case VIR_DOMAIN_DISK_BUS_VIRTIO: - ret = qemuDomainAttachVirtioDiskDevice(conn, driver, vm, disk); + ret = qemuDomainAttachVirtioDiskDevice(driver, vm, disk); break; case VIR_DOMAIN_DISK_BUS_SCSI: - ret = qemuDomainAttachSCSIDisk(conn, driver, vm, disk); + ret = qemuDomainAttachSCSIDisk(driver, vm, disk); break; case VIR_DOMAIN_DISK_BUS_IDE: @@ -954,11 +949,8 @@ qemuDomainAttachNetDevice(virQEMUDriverPtr driver, * as a hostdev (the hostdev code will reach over into the * netdev-specific code as appropriate), then also added to * the nets list (see cleanup:) if successful. - * - * qemuDomainAttachHostDevice uses a connection to resolve - * a SCSI hostdev secret, which is not this case, so pass NULL. */ - ret = qemuDomainAttachHostDevice(NULL, driver, vm, + ret = qemuDomainAttachHostDevice(driver, vm, virDomainNetGetActualHostdev(net)); goto cleanup; break; @@ -1519,8 +1511,7 @@ qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps, static int -qemuDomainAddChardevTLSObjects(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAddChardevTLSObjects(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainChrSourceDefPtr dev, char *devAlias, @@ -1545,7 +1536,7 @@ qemuDomainAddChardevTLSObjects(virConnectPtr conn, goto cleanup; } - if (qemuDomainSecretChardevPrepare(conn, cfg, priv, devAlias, dev) < 0) + if (qemuDomainSecretChardevPrepare(cfg, priv, devAlias, dev) < 0) goto cleanup; if ((chrSourcePriv = QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev))) @@ -1623,8 +1614,7 @@ qemuDomainDelChardevTLSObjects(virQEMUDriverPtr driver, } -int qemuDomainAttachRedirdevDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainRedirdevDefPtr redirdev) { @@ -1655,7 +1645,7 @@ int qemuDomainAttachRedirdevDevice(virConnectPtr conn, if (VIR_REALLOC_N(def->redirdevs, def->nredirdevs+1) < 0) goto cleanup; - if (qemuDomainAddChardevTLSObjects(conn, driver, vm, redirdev->source, + if (qemuDomainAddChardevTLSObjects(driver, vm, redirdev->source, redirdev->info.alias, charAlias, &tlsAlias, &secAlias) < 0) goto audit; @@ -1861,8 +1851,7 @@ qemuDomainAttachChrDeviceAssignAddr(virDomainObjPtr vm, return 0; } -int qemuDomainAttachChrDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +int qemuDomainAttachChrDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainChrDefPtr chr) { @@ -1914,7 +1903,7 @@ int qemuDomainAttachChrDevice(virConnectPtr conn, if (qemuDomainChrPreInsert(vmdef, chr) < 0) goto cleanup; - if (qemuDomainAddChardevTLSObjects(conn, driver, vm, dev, + if (qemuDomainAddChardevTLSObjects(driver, vm, dev, chr->info.alias, charAlias, &tlsAlias, &secAlias) < 0) goto audit; @@ -1969,8 +1958,7 @@ int qemuDomainAttachChrDevice(virConnectPtr conn, int -qemuDomainAttachRNGDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAttachRNGDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainRNGDefPtr rng) { @@ -2024,7 +2012,7 @@ qemuDomainAttachRNGDevice(virConnectPtr conn, goto cleanup; if (rng->backend == VIR_DOMAIN_RNG_BACKEND_EGD) { - if (qemuDomainAddChardevTLSObjects(conn, driver, vm, + if (qemuDomainAddChardevTLSObjects(driver, vm, rng->source.chardev, rng->info.alias, charAlias, &tlsAlias, &secAlias) < 0) @@ -2325,8 +2313,7 @@ qemuDomainAttachHostUSBDevice(virQEMUDriverPtr driver, static int -qemuDomainAttachHostSCSIDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAttachHostSCSIDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainHostdevDefPtr hostdev) { @@ -2383,7 +2370,7 @@ qemuDomainAttachHostSCSIDevice(virConnectPtr conn, if (qemuAssignDeviceHostdevAlias(vm->def, &hostdev->info->alias, -1) < 0) goto cleanup; - if (qemuDomainSecretHostdevPrepare(conn, priv, hostdev) < 0) + if (qemuDomainSecretHostdevPrepare(priv, hostdev) < 0) goto cleanup; if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI) { @@ -2585,8 +2572,7 @@ qemuDomainAttachSCSIVHostDevice(virQEMUDriverPtr driver, int -qemuDomainAttachHostDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuDomainAttachHostDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainHostdevDefPtr hostdev) { @@ -2611,7 +2597,7 @@ qemuDomainAttachHostDevice(virConnectPtr conn, break; case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI: - if (qemuDomainAttachHostSCSIDevice(conn, driver, vm, + if (qemuDomainAttachHostSCSIDevice(driver, vm, hostdev) < 0) goto error; break; diff --git a/src/qemu/qemu_hotplug.h b/src/qemu/qemu_hotplug.h index 9a0c057f19..b2f5fa688b 100644 --- a/src/qemu/qemu_hotplug.h +++ b/src/qemu/qemu_hotplug.h @@ -62,19 +62,16 @@ int qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps, int qemuDomainAttachControllerDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainControllerDefPtr controller); -int qemuDomainAttachDeviceDiskLive(virConnectPtr conn, - virQEMUDriverPtr driver, +int qemuDomainAttachDeviceDiskLive(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainDeviceDefPtr dev); int qemuDomainAttachNetDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainNetDefPtr net); -int qemuDomainAttachRedirdevDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainRedirdevDefPtr hostdev); -int qemuDomainAttachHostDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +int qemuDomainAttachHostDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainHostdevDefPtr hostdev); int qemuDomainAttachShmemDevice(virQEMUDriverPtr driver, @@ -140,15 +137,13 @@ int qemuDomainAttachLease(virQEMUDriverPtr driver, int qemuDomainDetachLease(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainLeaseDefPtr lease); -int qemuDomainAttachChrDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +int qemuDomainAttachChrDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainChrDefPtr chr); int qemuDomainDetachChrDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainChrDefPtr chr); -int qemuDomainAttachRNGDevice(virConnectPtr conn, - virQEMUDriverPtr driver, +int qemuDomainAttachRNGDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainRNGDefPtr rng); int qemuDomainDetachRNGDevice(virQEMUDriverPtr driver, diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 88639c71fc..d202e87fbe 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -128,7 +128,6 @@ qemuMigrationCheckTLSCreds(virQEMUDriverPtr driver, /* qemuMigrationCheckSetupTLS - * @conn: Connection pointer * @driver: pointer to qemu driver * @vm: domain object * @cfg: configuration pointer @@ -144,8 +143,7 @@ qemuMigrationCheckTLSCreds(virQEMUDriverPtr driver, * Returns 0 on success, -1 on error/failure */ static int -qemuMigrationCheckSetupTLS(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuMigrationCheckSetupTLS(virQEMUDriverPtr driver, virQEMUDriverConfigPtr cfg, virDomainObjPtr vm, qemuDomainAsyncJob asyncJob) @@ -171,7 +169,7 @@ qemuMigrationCheckSetupTLS(virConnectPtr conn, /* If there's a secret, then grab/store it now using the connection */ if (cfg->migrateTLSx509secretUUID && !(priv->migSecinfo = - qemuDomainSecretInfoTLSNew(conn, priv, QEMU_MIGRATION_TLS_ALIAS_BASE, + qemuDomainSecretInfoTLSNew(priv, QEMU_MIGRATION_TLS_ALIAS_BASE, cfg->migrateTLSx509secretUUID))) return -1; @@ -2180,7 +2178,7 @@ qemuMigrationBegin(virConnectPtr conn, if (flags & VIR_MIGRATE_TLS) { cfg = virQEMUDriverGetConfig(driver); - if (qemuMigrationCheckSetupTLS(conn, driver, cfg, vm, asyncJob) < 0) + if (qemuMigrationCheckSetupTLS(driver, cfg, vm, asyncJob) < 0) goto endjob; } @@ -2788,7 +2786,7 @@ qemuMigrationPrepareAny(virQEMUDriverPtr driver, * set the migration TLS parameters */ if (flags & VIR_MIGRATE_TLS) { cfg = virQEMUDriverGetConfig(driver); - if (qemuMigrationCheckSetupTLS(dconn, driver, cfg, vm, + if (qemuMigrationCheckSetupTLS(driver, cfg, vm, QEMU_ASYNC_JOB_MIGRATION_IN) < 0) goto stopjob; diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 586d11bba3..27454fb583 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -368,11 +368,11 @@ qemuProcessFindDomainDiskByAlias(virDomainObjPtr vm, } static int -qemuProcessGetVolumeQcowPassphrase(virConnectPtr conn, - virDomainDiskDefPtr disk, +qemuProcessGetVolumeQcowPassphrase(virDomainDiskDefPtr disk, char **secretRet, size_t *secretLen) { + virConnectPtr conn = NULL; char *passphrase; unsigned char *data; size_t size; @@ -387,19 +387,8 @@ qemuProcessGetVolumeQcowPassphrase(virConnectPtr conn, } enc = disk->src->encryption; - if (!conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, - "%s", _("cannot find secrets without a connection")); + if (!(conn = virGetConnectSecret())) goto cleanup; - } - - if (conn->secretDriver == NULL || - conn->secretDriver->secretLookupByUUID == NULL || - conn->secretDriver->secretGetValue == NULL) { - virReportError(VIR_ERR_OPERATION_INVALID, "%s", - _("secret storage not supported")); - goto cleanup; - } if (enc->format != VIR_STORAGE_ENCRYPTION_FORMAT_QCOW || enc->nsecrets != 1 || @@ -442,6 +431,7 @@ qemuProcessGetVolumeQcowPassphrase(virConnectPtr conn, ret = 0; cleanup: + virObjectUnref(conn); return ret; } @@ -453,7 +443,6 @@ qemuProcessFindVolumeQcowPassphrase(qemuMonitorPtr mon ATTRIBUTE_UNUSED, size_t *secretLen, void *opaque ATTRIBUTE_UNUSED) { - virConnectPtr conn = NULL; virDomainDiskDefPtr disk; int ret = -1; @@ -465,11 +454,9 @@ qemuProcessFindVolumeQcowPassphrase(qemuMonitorPtr mon ATTRIBUTE_UNUSED, goto cleanup; } - conn = virGetConnectSecret(); - ret = qemuProcessGetVolumeQcowPassphrase(conn, disk, secretRet, secretLen); + ret = qemuProcessGetVolumeQcowPassphrase(disk, secretRet, secretLen); cleanup: - virObjectUnref(conn); virObjectUnlock(vm); return ret; } @@ -2567,8 +2554,7 @@ qemuProcessResctrlCreate(virQEMUDriverPtr driver, static int -qemuProcessInitPasswords(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuProcessInitPasswords(virQEMUDriverPtr driver, virDomainObjPtr vm, int asyncJob) { @@ -2613,8 +2599,7 @@ qemuProcessInitPasswords(virConnectPtr conn, continue; VIR_FREE(secret); - if (qemuProcessGetVolumeQcowPassphrase(conn, - vm->def->disks[i], + if (qemuProcessGetVolumeQcowPassphrase(vm->def->disks[i], &secret, &secretLen) < 0) goto cleanup; @@ -5589,8 +5574,7 @@ qemuProcessPrepareDomainNUMAPlacement(virDomainObjPtr vm, static int -qemuProcessPrepareDomainStorage(virConnectPtr conn, - virQEMUDriverPtr driver, +qemuProcessPrepareDomainStorage(virQEMUDriverPtr driver, virDomainObjPtr vm, qemuDomainObjPrivatePtr priv, virQEMUDriverConfigPtr cfg, @@ -5611,7 +5595,7 @@ qemuProcessPrepareDomainStorage(virConnectPtr conn, continue; } - if (qemuDomainPrepareDiskSource(conn, disk, priv, cfg) < 0) + if (qemuDomainPrepareDiskSource(disk, priv, cfg) < 0) return -1; } @@ -5722,14 +5706,14 @@ qemuProcessPrepareDomain(virConnectPtr conn, goto cleanup; VIR_DEBUG("Setting up storage"); - if (qemuProcessPrepareDomainStorage(conn, driver, vm, priv, cfg, flags) < 0) + if (qemuProcessPrepareDomainStorage(driver, vm, priv, cfg, flags) < 0) goto cleanup; VIR_DEBUG("Prepare chardev source backends for TLS"); qemuDomainPrepareChardevSource(vm->def, cfg); VIR_DEBUG("Add secrets to hostdevs and chardevs"); - if (qemuDomainSecretPrepare(conn, driver, vm) < 0) + if (qemuDomainSecretPrepare(driver, vm) < 0) goto cleanup; for (i = 0; i < vm->def->nchannels; i++) { @@ -6180,7 +6164,7 @@ qemuProcessLaunch(virConnectPtr conn, goto cleanup; VIR_DEBUG("Setting any required VM passwords"); - if (qemuProcessInitPasswords(conn, driver, vm, asyncJob) < 0) + if (qemuProcessInitPasswords(driver, vm, asyncJob) < 0) goto cleanup; /* set default link states */ diff --git a/tests/qemuhotplugtest.c b/tests/qemuhotplugtest.c index 63bfe44145..d42f8e12cb 100644 --- a/tests/qemuhotplugtest.c +++ b/tests/qemuhotplugtest.c @@ -120,10 +120,10 @@ testQemuHotplugAttach(virDomainObjPtr vm, /* conn in only used for storage pool and secrets lookup so as long * as we don't use any of them, passing NULL should be safe */ - ret = qemuDomainAttachDeviceDiskLive(NULL, &driver, vm, dev); + ret = qemuDomainAttachDeviceDiskLive(&driver, vm, dev); break; case VIR_DOMAIN_DEVICE_CHR: - ret = qemuDomainAttachChrDevice(NULL, &driver, vm, dev->data.chr); + ret = qemuDomainAttachChrDevice(&driver, vm, dev->data.chr); break; case VIR_DOMAIN_DEVICE_SHMEM: ret = qemuDomainAttachShmemDevice(&driver, vm, dev->data.shmem); -- 2.14.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list