提交 08fd20b0 编写于 作者: D Daniel P. Berrange

Pull initial disk labelling out into libvirtd instead of exec hook

Pulling the disk labelling code out of the exec hook, and into
libvirtd will allow it to access shared state in the daemon. It
will also make debugging & error reporting easier / more reliable.

* qemu/qemu_driver.c: Move initial disk labelling calls up into
  libvirtd. Add cleanup of disk labels upon failure
上级 9c48360b
...@@ -2450,12 +2450,6 @@ static int qemudDomainSetSecurityLabel(virConnectPtr conn, struct qemud_driver * ...@@ -2450,12 +2450,6 @@ static int qemudDomainSetSecurityLabel(virConnectPtr conn, struct qemud_driver *
int rc = 0; int rc = 0;
if (driver->securityDriver && if (driver->securityDriver &&
driver->securityDriver->domainSetSecurityAllLabel &&
driver->securityDriver->domainSetSecurityAllLabel(conn, vm) < 0)
rc = -1;
if (rc == 0 &&
driver->securityDriver &&
driver->securityDriver->domainSetSecurityProcessLabel && driver->securityDriver->domainSetSecurityProcessLabel &&
driver->securityDriver->domainSetSecurityProcessLabel(conn, driver->securityDriver, vm) < 0) driver->securityDriver->domainSetSecurityProcessLabel(conn, driver->securityDriver, vm) < 0)
rc = -1; rc = -1;
...@@ -2778,6 +2772,11 @@ static int qemudStartVMDaemon(virConnectPtr conn, ...@@ -2778,6 +2772,11 @@ static int qemudStartVMDaemon(virConnectPtr conn,
driver->securityDriver->domainGenSecurityLabel(conn, vm) < 0) driver->securityDriver->domainGenSecurityLabel(conn, vm) < 0)
return -1; return -1;
if (driver->securityDriver &&
driver->securityDriver->domainSetSecurityAllLabel &&
driver->securityDriver->domainSetSecurityAllLabel(conn, vm) < 0)
goto cleanup;
/* Ensure no historical cgroup for this VM is lieing around bogus settings */ /* Ensure no historical cgroup for this VM is lieing around bogus settings */
qemuRemoveCgroup(conn, driver, vm, 1); qemuRemoveCgroup(conn, driver, vm, 1);
...@@ -2985,6 +2984,9 @@ cleanup: ...@@ -2985,6 +2984,9 @@ cleanup:
/* We jump here if we failed to start the VM for any reason /* We jump here if we failed to start the VM for any reason
* XXX investigate if we can kill this block and safely call * XXX investigate if we can kill this block and safely call
* qemudShutdownVMDaemon even though no PID is running */ * qemudShutdownVMDaemon even though no PID is running */
if (driver->securityDriver &&
driver->securityDriver->domainRestoreSecurityAllLabel)
driver->securityDriver->domainRestoreSecurityAllLabel(conn, vm);
if (driver->securityDriver && if (driver->securityDriver &&
driver->securityDriver->domainReleaseSecurityLabel) driver->securityDriver->domainReleaseSecurityLabel)
driver->securityDriver->domainReleaseSecurityLabel(conn, vm); driver->securityDriver->domainReleaseSecurityLabel(conn, vm);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册