Re: [libvirt] [PATCH 3/4] qemu: Add TLS hotplug for qemuDomainAttachRedirdevDevice

2016-10-24 Thread Pavel Hrdina 
On Fri, Oct 21, 2016 at 10:22:30AM -0400, John Ferlan wrote:
> Commit id '2c322378' missed the nuance that the redirdev backend could
> be using a TCP chardev and if TLS is enabled on the host, thus will need
> to have the TLS object added.
> 
> Signed-off-by: John Ferlan 
> ---
>  src/qemu/qemu_hotplug.c | 24 
>  1 file changed, 24 insertions(+)
> 
> diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
> index cdd9222..4b2a24c 100644
> --- a/src/qemu/qemu_hotplug.c
> +++ b/src/qemu/qemu_hotplug.c
> @@ -1505,11 +1505,16 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr 
> driver,
> virDomainRedirdevDefPtr redirdev)
>  {
>  int ret = -1;
> +int rc;
> +virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
>  qemuDomainObjPrivatePtr priv = vm->privateData;
>  virDomainDefPtr def = vm->def;
>  char *charAlias = NULL;
>  char *devstr = NULL;
>  bool chardevAdded = false;
> +bool tlsobjAdded = false;
> +virJSONValuePtr tlsProps = NULL;
> +char *tlsAlias = NULL;
>  virErrorPtr orig_err;
>  
>  if (qemuAssignDeviceRedirdevAlias(def, redirdev, -1) < 0)
> @@ -1524,7 +1529,21 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr 
> driver,
>  if (VIR_REALLOC_N(def->redirdevs, def->nredirdevs+1) < 0)
>  goto cleanup;
>  
> +if (redirdev->source.chr.type == VIR_DOMAIN_CHR_TYPE_TCP &&

This check would be moved into the qemuDomainGetChardevTLSObjects() and we
need to check for redirdev->bus == VIR_DOMAIN_REDIRDEV_BUS_USB even though
the union has currently only one member.  If someone adds a new member this
case will be already covered by the check for proper bus type.

ACK with that fixed.

Pavel

> +qemuDomainGetChardevTLSObjects(cfg, priv, &(redirdev->source.chr),
> +   charAlias, , ) < 0)
> +goto cleanup;
> +
>  qemuDomainObjEnterMonitor(driver, vm);
> +if (tlsAlias) {
> +rc = qemuMonitorAddObject(priv->mon, "tls-creds-x509",
> +  tlsAlias, tlsProps);
> +tlsProps = NULL; /* qemuMonitorAddObject consumes */
> +if (rc < 0)
> +goto exit_monitor;
> +tlsobjAdded = true;
> +}
> +
>  if (qemuMonitorAttachCharDev(priv->mon,
>   charAlias,
>   &(redirdev->source.chr)) < 0)
> @@ -1542,12 +1561,17 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr 
> driver,
>   audit:
>  virDomainAuditRedirdev(vm, redirdev, "attach", ret == 0);
>   cleanup:
> +VIR_FREE(tlsAlias);
> +virJSONValueFree(tlsProps);
>  VIR_FREE(charAlias);
>  VIR_FREE(devstr);
> +virObjectUnref(cfg);
>  return ret;
>  
>   exit_monitor:
>  orig_err = virSaveLastError();
> +if (tlsobjAdded)
> +ignore_value(qemuMonitorDelObject(priv->mon, tlsAlias));
>  /* detach associated chardev on error */
>  if (chardevAdded)
>  ignore_value(qemuMonitorDetachCharDev(priv->mon, charAlias));
> -- 
> 2.7.4
> 
> --
> libvir-list mailing list
> libvir-list@redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list


signature.asc
Description: Digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH 3/4] qemu: Add TLS hotplug for qemuDomainAttachRedirdevDevice

2016-10-21 Thread John Ferlan 
Commit id '2c322378' missed the nuance that the redirdev backend could
be using a TCP chardev and if TLS is enabled on the host, thus will need
to have the TLS object added.

Signed-off-by: John Ferlan 
---
 src/qemu/qemu_hotplug.c | 24 
 1 file changed, 24 insertions(+)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index cdd9222..4b2a24c 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -1505,11 +1505,16 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr 
driver,
virDomainRedirdevDefPtr redirdev)
 {
 int ret = -1;
+int rc;
+virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
 qemuDomainObjPrivatePtr priv = vm->privateData;
 virDomainDefPtr def = vm->def;
 char *charAlias = NULL;
 char *devstr = NULL;
 bool chardevAdded = false;
+bool tlsobjAdded = false;
+virJSONValuePtr tlsProps = NULL;
+char *tlsAlias = NULL;
 virErrorPtr orig_err;
 
 if (qemuAssignDeviceRedirdevAlias(def, redirdev, -1) < 0)
@@ -1524,7 +1529,21 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr 
driver,
 if (VIR_REALLOC_N(def->redirdevs, def->nredirdevs+1) < 0)
 goto cleanup;
 
+if (redirdev->source.chr.type == VIR_DOMAIN_CHR_TYPE_TCP &&
+qemuDomainGetChardevTLSObjects(cfg, priv, &(redirdev->source.chr),
+   charAlias, , ) < 0)
+goto cleanup;
+
 qemuDomainObjEnterMonitor(driver, vm);
+if (tlsAlias) {
+rc = qemuMonitorAddObject(priv->mon, "tls-creds-x509",
+  tlsAlias, tlsProps);
+tlsProps = NULL; /* qemuMonitorAddObject consumes */
+if (rc < 0)
+goto exit_monitor;
+tlsobjAdded = true;
+}
+
 if (qemuMonitorAttachCharDev(priv->mon,
  charAlias,
  &(redirdev->source.chr)) < 0)
@@ -1542,12 +1561,17 @@ int qemuDomainAttachRedirdevDevice(virQEMUDriverPtr 
driver,
  audit:
 virDomainAuditRedirdev(vm, redirdev, "attach", ret == 0);
  cleanup:
+VIR_FREE(tlsAlias);
+virJSONValueFree(tlsProps);
 VIR_FREE(charAlias);
 VIR_FREE(devstr);
+virObjectUnref(cfg);
 return ret;
 
  exit_monitor:
 orig_err = virSaveLastError();
+if (tlsobjAdded)
+ignore_value(qemuMonitorDelObject(priv->mon, tlsAlias));
 /* detach associated chardev on error */
 if (chardevAdded)
 ignore_value(qemuMonitorDetachCharDev(priv->mon, charAlias));
-- 
2.7.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list