[PATCH 16/38] qemu: domain: Regenerate alias for the TLS x509 credential object

Peter Krempa <pkrempa@xxxxxxxxxx> · Wed, 30 May 2018 14:41:12 +0200

When restarting libvirt would previously lose the alias of the x509
certificate object. Upon unplug we would then not delete the
corresponding objects.

Restore the alias if we know it shoudl be there.

Luckily for disks we don't support encrypted TLS nevironment, so there's
no need to regenerate the 'seceret' alias for decrypting.

Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
---
 src/qemu/qemu_domain.c                                   |  7 +++++++
 tests/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml  | 10 ++++++++++
 tests/qemustatusxml2xmldata/disk-secinfo-upgrade-out.xml | 15 +++++++++++++++
 3 files changed, 32 insertions(+)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index a98424cc62..99656fcd6d 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -5965,6 +5965,13 @@ qemuDomainDeviceDiskDefPostParse(virDomainDiskDefPtr disk,
                                                         parseFlags) < 0)
         return -1;

+    /* regenerate TLS alias for old status XMLs */
+    if (parseFlags & VIR_DOMAIN_DEF_PARSE_STATUS &&
+        disk->src->haveTLS == VIR_TRISTATE_BOOL_YES &&
+        !disk->src->tlsAlias &&
+        !(disk->src->tlsAlias = qemuAliasTLSObjFromSrcAlias(disk->info.alias)))
+        return -1;
+
     return 0;
 }

diff --git a/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml b/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml
index d364fc7644..ce55a70637 100644
--- a/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml
+++ b/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml
@@ -387,6 +387,16 @@
         <alias name='virtio-disk5'/>
         <address type='pci' domain='0x0000' bus='0x00' slot='0x0f' function='0x0'/>
       </disk>
+      <disk type='network' device='disk'>
+        <driver name='qemu' type='raw'/>
+        <source protocol='vxhs' name='rbdpool/rbdimg' tls='yes' tlsFromConfig='0'>
+          <host name='example.org'/>
+        </source>
+        <backingStore/>
+        <target dev='vdg' bus='virtio'/>
+        <alias name='virtio-disk6'/>
+        <address type='pci' domain='0x0000' bus='0x00' slot='0x10' function='0x0'/>
+      </disk>
       <controller type='usb' index='0' model='ich9-ehci1'>
         <alias name='usb'/>
         <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x7'/>
diff --git a/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-out.xml b/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-out.xml
index a554bca99c..e7d2abbb81 100644
--- a/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-out.xml
+++ b/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-out.xml
@@ -403,6 +403,21 @@
         <alias name='virtio-disk5'/>
         <address type='pci' domain='0x0000' bus='0x00' slot='0x0f' function='0x0'/>
       </disk>
+      <disk type='network' device='disk'>
+        <driver name='qemu' type='raw'/>
+        <source protocol='vxhs' name='rbdpool/rbdimg' tls='yes' tlsFromConfig='0'>
+          <host name='example.org' port='9999'/>
+          <privateData>
+            <objects>
+              <tlsX509 alias='objvirtio-disk6_tls0'/>
+            </objects>
+          </privateData>
+        </source>
+        <backingStore/>
+        <target dev='vdg' bus='virtio'/>
+        <alias name='virtio-disk6'/>
+        <address type='pci' domain='0x0000' bus='0x00' slot='0x10' function='0x0'/>
+      </disk>
       <controller type='usb' index='0' model='ich9-ehci1'>
         <alias name='usb'/>
         <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x7'/>
-- 
2.16.2

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list






