[libvirt] [PATCH 4/4] qemu: Add TLS hotplug for qemuDomainAttachRNGDevice
John Ferlan
jferlan at redhat.com
Fri Oct 21 14:22:31 UTC 2016
Commit id '2c322378' missed the nuance that the rng backend could be
using a TCP chardev and if TLS is enabled on the host, thus will need
to have the TLS object added.
Signed-off-by: John Ferlan <jferlan at redhat.com>
---
src/qemu/qemu_hotplug.c | 31 +++++++++++++++++++++++++++----
1 file changed, 27 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 4b2a24c..aac1338 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -1851,26 +1851,30 @@ qemuDomainAttachRNGDevice(virQEMUDriverPtr driver,
virDomainObjPtr vm,
virDomainRNGDefPtr rng)
{
+ virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
qemuDomainObjPrivatePtr priv = vm->privateData;
virErrorPtr orig_err;
char *devstr = NULL;
char *charAlias = NULL;
char *objAlias = NULL;
+ char *tlsAlias = NULL;
bool releaseaddr = false;
bool chardevAdded = false;
bool objAdded = false;
+ bool tlsobjAdded = false;
virJSONValuePtr props = NULL;
+ virJSONValuePtr tlsProps = NULL;
virDomainCCWAddressSetPtr ccwaddrs = NULL;
const char *type;
int ret = -1;
int rv;
if (qemuAssignDeviceRNGAlias(vm->def, rng) < 0)
- return -1;
+ goto cleanup;
/* preallocate space for the device definition */
if (VIR_REALLOC_N(vm->def->rngs, vm->def->nrngs + 1) < 0)
- return -1;
+ goto cleanup;
if (rng->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
if (qemuDomainMachineIsS390CCW(vm->def) &&
@@ -1882,14 +1886,14 @@ qemuDomainAttachRNGDevice(virQEMUDriverPtr driver,
} else {
if (!qemuCheckCCWS390AddressSupport(vm->def, rng->info, priv->qemuCaps,
rng->source.file))
- return -1;
+ goto cleanup;
}
releaseaddr = true;
if (rng->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE ||
rng->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) {
if (virDomainPCIAddressEnsureAddr(priv->pciaddrs, &rng->info) < 0)
- return -1;
+ goto cleanup;
} else if (rng->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_CCW) {
if (!(ccwaddrs = qemuDomainCCWAddrSetCreateFromDomain(vm->def)))
goto cleanup;
@@ -1911,8 +1915,22 @@ qemuDomainAttachRNGDevice(virQEMUDriverPtr driver,
if (!(charAlias = qemuAliasChardevFromDevAlias(rng->info.alias)))
goto cleanup;
+ if (rng->backend == VIR_DOMAIN_RNG_BACKEND_EGD &&
+ qemuDomainGetChardevTLSObjects(cfg, priv, rng->source.chardev,
+ charAlias, &tlsProps, &tlsAlias) < 0)
+ goto cleanup;
+
qemuDomainObjEnterMonitor(driver, vm);
+ if (tlsAlias) {
+ rv = qemuMonitorAddObject(priv->mon, "tls-creds-x509",
+ tlsAlias, tlsProps);
+ tlsProps = NULL; /* qemuMonitorAddObject consumes */
+ if (rv < 0)
+ goto exit_monitor;
+ tlsobjAdded = true;
+ }
+
if (rng->backend == VIR_DOMAIN_RNG_BACKEND_EGD &&
qemuMonitorAttachCharDev(priv->mon, charAlias,
rng->source.chardev) < 0)
@@ -1940,17 +1958,22 @@ qemuDomainAttachRNGDevice(virQEMUDriverPtr driver,
audit:
virDomainAuditRNG(vm, NULL, rng, "attach", ret == 0);
cleanup:
+ virJSONValueFree(tlsProps);
virJSONValueFree(props);
if (ret < 0 && releaseaddr)
qemuDomainReleaseDeviceAddress(vm, &rng->info, NULL);
+ VIR_FREE(tlsAlias);
VIR_FREE(charAlias);
VIR_FREE(objAlias);
VIR_FREE(devstr);
virDomainCCWAddressSetFree(ccwaddrs);
+ virObjectUnref(cfg);
return ret;
exit_monitor:
orig_err = virSaveLastError();
+ if (tlsobjAdded)
+ ignore_value(qemuMonitorDelObject(priv->mon, tlsAlias));
if (objAdded)
ignore_value(qemuMonitorDelObject(priv->mon, objAlias));
if (rng->backend == VIR_DOMAIN_RNG_BACKEND_EGD && chardevAdded)
--
2.7.4
More information about the libvir-list
mailing list