diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 640dc4a29397f20c5c35cc92e4adf0a648744d04..403f01e75e46888145c721399a2b1d5fcc54b946 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -25,6 +25,7 @@ #include "qemu_domain.h" #include "qemu_alias.h" +#include "qemu_cgroup.h" #include "qemu_command.h" #include "qemu_parse_command.h" #include "qemu_capabilities.h" @@ -45,6 +46,7 @@ #include "viratomic.h" #include "virprocess.h" #include "logging/log_manager.h" +#include "locking/domain_lock.h" #include "storage/storage_driver.h" @@ -3369,6 +3371,69 @@ qemuDomainDetermineDiskChain(virQEMUDriverPtr driver, } +/** + * qemuDomainDiskChainElementRevoke: + * + * Revoke access to a single backing chain element. This restores the labels, + * removes cgroup ACLs for devices and removes locks. + */ +void +qemuDomainDiskChainElementRevoke(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virStorageSourcePtr elem) +{ + if (virSecurityManagerRestoreImageLabel(driver->securityManager, + vm->def, elem) < 0) + VIR_WARN("Unable to restore security label on %s", NULLSTR(elem->path)); + + if (qemuTeardownImageCgroup(vm, elem) < 0) + VIR_WARN("Failed to teardown cgroup for disk path %s", + NULLSTR(elem->path)); + + if (virDomainLockImageDetach(driver->lockManager, vm, elem) < 0) + VIR_WARN("Unable to release lock on %s", NULLSTR(elem->path)); +} + + +/** + * qemuDomainDiskChainElementPrepare: + * + * Allow a VM access to a single element of a disk backing chain; this helper + * ensures that the lock manager, cgroup device controller, and security manager + * labelling are all aware of each new file before it is added to a chain */ +int +qemuDomainDiskChainElementPrepare(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virStorageSourcePtr elem, + bool readonly) +{ + bool was_readonly = elem->readonly; + virQEMUDriverConfigPtr cfg = NULL; + int ret = -1; + + cfg = virQEMUDriverGetConfig(driver); + + elem->readonly = readonly; + + if (virDomainLockImageAttach(driver->lockManager, cfg->uri, vm, elem) < 0) + goto cleanup; + + if (qemuSetupImageCgroup(vm, elem) < 0) + goto cleanup; + + if (virSecurityManagerSetImageLabel(driver->securityManager, vm->def, + elem) < 0) + goto cleanup; + + ret = 0; + + cleanup: + elem->readonly = was_readonly; + virObjectUnref(cfg); + return ret; +} + + bool qemuDomainDiskSourceDiffers(virConnectPtr conn, virDomainDiskDefPtr disk, diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 0d5b6c78dae5b321b0a9d55471d6277802293258..02c6012c9c8702092087ca16627b903d2f452bbd 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -460,6 +460,14 @@ int qemuDomainStorageFileInit(virQEMUDriverPtr driver, virStorageSourcePtr src); char *qemuDomainStorageAlias(const char *device, int depth); +void qemuDomainDiskChainElementRevoke(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virStorageSourcePtr elem); +int qemuDomainDiskChainElementPrepare(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virStorageSourcePtr elem, + bool readonly); + int qemuDomainCleanupAdd(virDomainObjPtr vm, qemuDomainCleanupCallback cb); void qemuDomainCleanupRemove(virDomainObjPtr vm, diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 6a403bd444abdefd0073db33355ea5a972c5ca83..f3503200e38cbdabdaf36ad47320da843f4dcf83 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -13503,69 +13503,6 @@ qemuDomainMigrateStartPostCopy(virDomainPtr dom, } -/** - * qemuDomainDiskChainElementRevoke: - * - * Revoke access to a single backing chain element. This restores the labels, - * removes cgroup ACLs for devices and removes locks. - */ -static void -qemuDomainDiskChainElementRevoke(virQEMUDriverPtr driver, - virDomainObjPtr vm, - virStorageSourcePtr elem) -{ - if (virSecurityManagerRestoreImageLabel(driver->securityManager, - vm->def, elem) < 0) - VIR_WARN("Unable to restore security label on %s", NULLSTR(elem->path)); - - if (qemuTeardownImageCgroup(vm, elem) < 0) - VIR_WARN("Failed to teardown cgroup for disk path %s", - NULLSTR(elem->path)); - - if (virDomainLockImageDetach(driver->lockManager, vm, elem) < 0) - VIR_WARN("Unable to release lock on %s", NULLSTR(elem->path)); -} - - -/** - * qemuDomainDiskChainElementPrepare: - * - * Allow a VM access to a single element of a disk backing chain; this helper - * ensures that the lock manager, cgroup device controller, and security manager - * labelling are all aware of each new file before it is added to a chain */ -static int -qemuDomainDiskChainElementPrepare(virQEMUDriverPtr driver, - virDomainObjPtr vm, - virStorageSourcePtr elem, - bool readonly) -{ - bool was_readonly = elem->readonly; - virQEMUDriverConfigPtr cfg = NULL; - int ret = -1; - - cfg = virQEMUDriverGetConfig(driver); - - elem->readonly = readonly; - - if (virDomainLockImageAttach(driver->lockManager, cfg->uri, vm, elem) < 0) - goto cleanup; - - if (qemuSetupImageCgroup(vm, elem) < 0) - goto cleanup; - - if (virSecurityManagerSetImageLabel(driver->securityManager, vm->def, - elem) < 0) - goto cleanup; - - ret = 0; - - cleanup: - elem->readonly = was_readonly; - virObjectUnref(cfg); - return ret; -} - - /* Return -1 if request is not sent to agent due to misconfig, -2 if request * is sent but failed, and number of frozen filesystems on success. If -2 is * returned, FSThaw should be called revert the quiesced status. */