On Fri, Apr 23, 2010 at 11:49:38AM +0100, Daniel P. Berrange wrote:
> In cases where the security driver failed to restore a label after a
> guest has saved, we mistakenly jumped to the error cleanup paths.
> This is not good, because the operation has in fact completed and
> cannot be rolled back completely. Label restore is non-critical, so
> just log the problem instead. Also add a missing restore call in
> the error cleanup path
>
> * src/qemu/qemu_driver.c: Fix handling of security driver
> restore failures in QEMU domain save
> ---
> src/qemu/qemu_driver.c | 48 +++++++++++++++++++++++++-----------------------
> 1 files changed, 25 insertions(+), 23 deletions(-)
>
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index faecfb7..862c030 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -5052,16 +5052,13 @@ static int qemudDomainSaveFlag(virDomainPtr dom, const char *path,
> driver->securityDriver &&
> driver->securityDriver->domainRestoreSavedStateLabel &&
> driver->securityDriver->domainRestoreSavedStateLabel(vm, path) == -1)
> - goto endjob;
> + VIR_WARN("failed to restore save state label on %s", path);
>
> if (cgroup != NULL) {
> rc = virCgroupDenyDevicePath(cgroup, path);
> - if (rc != 0) {
> - virReportSystemError(-rc,
> - _("Unable to deny device %s for %s"),
> - path, vm->def->name);
> - goto endjob;
> - }
> + if (rc != 0)
> + VIR_WARN("Unable to deny device %s for %s %d",
> + path, vm->def->name, rc);
> }
>
> ret = 0;
> @@ -5080,24 +5077,29 @@ static int qemudDomainSaveFlag(virDomainPtr dom, const char *path,
>
> endjob:
> if (vm) {
> - if (ret != 0 && header.was_running && priv->mon) {
> - qemuDomainObjEnterMonitorWithDriver(driver, vm);
> - rc = qemuMonitorStartCPUs(priv->mon, dom->conn);
> - qemuDomainObjExitMonitorWithDriver(driver, vm);
> - if (rc < 0)
> - VIR_WARN0("Unable to resume guest CPUs after save failure");
> - else
> - vm->state = VIR_DOMAIN_RUNNING;
> - }
> + if (ret != 0) {
> + if (header.was_running && priv->mon) {
> + qemuDomainObjEnterMonitorWithDriver(driver, vm);
> + rc = qemuMonitorStartCPUs(priv->mon, dom->conn);
> + qemuDomainObjExitMonitorWithDriver(driver, vm);
> + if (rc < 0)
> + VIR_WARN0("Unable to resume guest CPUs after save failure");
> + else
> + vm->state = VIR_DOMAIN_RUNNING;
> + }
>
> - if (ret != 0 && cgroup != NULL) {
> - rc = virCgroupDenyDevicePath(cgroup, path);
> - if (rc != 0) {
> - virReportSystemError(-rc,
> - _("Unable to deny device %s for %s"),
> - path, vm->def->name);
> - goto endjob;
> + if (cgroup != NULL) {
> + rc = virCgroupDenyDevicePath(cgroup, path);
> + if (rc != 0)
> + VIR_WARN("Unable to deny device %s for %s: %d",
> + path, vm->def->name, rc);
> }
> +
> + if ((!bypassSecurityDriver) &&
> + driver->securityDriver &&
> + driver->securityDriver->domainRestoreSavedStateLabel &&
> + driver->securityDriver->domainRestoreSavedStateLabel(vm, path) == -1)
> + VIR_WARN("failed to restore save state label on %s", path);
> }
>
> if (qemuDomainObjEndJob(vm) == 0)
ACK,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel@xxxxxxxxxxxx | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list