提交 b0c6300f 编写于 作者: D Daniel P. Berrangé

qemu: ensure FDs passed to QEMU for chardevs have correct SELinux labels

The UNIX socket FDs were we passing to QEMU inherited a label based on
libvirtd's context. QEMU is thus denied ability to access the UNIX
socket. We need to use the security manager to change our current
context temporarily when creating the UNIX socket FD.
Reviewed-by: NLaine Stump <laine@laine.org>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
上级 a2913aed
...@@ -4931,6 +4931,7 @@ qemuOpenChrChardevUNIXSocket(const virDomainChrSourceDef *dev) ...@@ -4931,6 +4931,7 @@ qemuOpenChrChardevUNIXSocket(const virDomainChrSourceDef *dev)
* host side of the character device */ * host side of the character device */
static char * static char *
qemuBuildChrChardevStr(virLogManagerPtr logManager, qemuBuildChrChardevStr(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -5065,7 +5066,13 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager, ...@@ -5065,7 +5066,13 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager,
case VIR_DOMAIN_CHR_TYPE_UNIX: case VIR_DOMAIN_CHR_TYPE_UNIX:
if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FD_PASS)) { if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FD_PASS)) {
if (qemuSecuritySetSocketLabel(secManager, (virDomainDefPtr)def) < 0)
goto cleanup;
int fd = qemuOpenChrChardevUNIXSocket(dev); int fd = qemuOpenChrChardevUNIXSocket(dev);
if (qemuSecurityClearSocketLabel(secManager, (virDomainDefPtr)def) < 0) {
VIR_FORCE_CLOSE(fd);
goto cleanup;
}
if (fd < 0) if (fd < 0)
goto cleanup; goto cleanup;
...@@ -5404,6 +5411,7 @@ qemuBuildHostdevCommandLine(virCommandPtr cmd, ...@@ -5404,6 +5411,7 @@ qemuBuildHostdevCommandLine(virCommandPtr cmd,
static int static int
qemuBuildMonitorCommandLine(virLogManagerPtr logManager, qemuBuildMonitorCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
virDomainDefPtr def, virDomainDefPtr def,
...@@ -5414,7 +5422,8 @@ qemuBuildMonitorCommandLine(virLogManagerPtr logManager, ...@@ -5414,7 +5422,8 @@ qemuBuildMonitorCommandLine(virLogManagerPtr logManager,
if (!priv->monConfig) if (!priv->monConfig)
return 0; return 0;
if (!(chrdev = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(chrdev = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
priv->monConfig, "monitor", priv->monConfig, "monitor",
priv->qemuCaps, true, priv->qemuCaps, true,
priv->chardevStdioLogd))) priv->chardevStdioLogd)))
...@@ -5533,6 +5542,7 @@ qemuBuildSclpDevStr(virDomainChrDefPtr dev) ...@@ -5533,6 +5542,7 @@ qemuBuildSclpDevStr(virDomainChrDefPtr dev)
static int static int
qemuBuildRNGBackendChrdevStr(virLogManagerPtr logManager, qemuBuildRNGBackendChrdevStr(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -5550,7 +5560,8 @@ qemuBuildRNGBackendChrdevStr(virLogManagerPtr logManager, ...@@ -5550,7 +5560,8 @@ qemuBuildRNGBackendChrdevStr(virLogManagerPtr logManager,
return 0; return 0;
case VIR_DOMAIN_RNG_BACKEND_EGD: case VIR_DOMAIN_RNG_BACKEND_EGD:
if (!(*chr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(*chr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
rng->source.chardev, rng->source.chardev,
rng->info.alias, qemuCaps, true, rng->info.alias, qemuCaps, true,
chardevStdioLogd))) chardevStdioLogd)))
...@@ -5680,6 +5691,7 @@ qemuBuildRNGDevStr(const virDomainDef *def, ...@@ -5680,6 +5691,7 @@ qemuBuildRNGDevStr(const virDomainDef *def,
static int static int
qemuBuildRNGCommandLine(virLogManagerPtr logManager, qemuBuildRNGCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -5702,7 +5714,7 @@ qemuBuildRNGCommandLine(virLogManagerPtr logManager, ...@@ -5702,7 +5714,7 @@ qemuBuildRNGCommandLine(virLogManagerPtr logManager,
} }
/* possibly add character device for backend */ /* possibly add character device for backend */
if (qemuBuildRNGBackendChrdevStr(logManager, cmd, cfg, def, if (qemuBuildRNGBackendChrdevStr(logManager, secManager, cmd, cfg, def,
rng, qemuCaps, &tmp, rng, qemuCaps, &tmp,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
return -1; return -1;
...@@ -8135,6 +8147,7 @@ qemuBuildGraphicsCommandLine(virQEMUDriverConfigPtr cfg, ...@@ -8135,6 +8147,7 @@ qemuBuildGraphicsCommandLine(virQEMUDriverConfigPtr cfg,
static int static int
qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver, qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager, virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virDomainDefPtr def, virDomainDefPtr def,
virDomainNetDefPtr net, virDomainNetDefPtr net,
...@@ -8157,7 +8170,8 @@ qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver, ...@@ -8157,7 +8170,8 @@ qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver,
switch ((virDomainChrType)net->data.vhostuser->type) { switch ((virDomainChrType)net->data.vhostuser->type) {
case VIR_DOMAIN_CHR_TYPE_UNIX: case VIR_DOMAIN_CHR_TYPE_UNIX:
if (!(chardev = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(chardev = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
net->data.vhostuser, net->data.vhostuser,
net->info.alias, qemuCaps, false, net->info.alias, qemuCaps, false,
chardevStdioLogd))) chardevStdioLogd)))
...@@ -8225,6 +8239,7 @@ qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver, ...@@ -8225,6 +8239,7 @@ qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver,
static int static int
qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver, qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager, virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virDomainDefPtr def, virDomainDefPtr def,
virDomainNetDefPtr net, virDomainNetDefPtr net,
...@@ -8356,7 +8371,7 @@ qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver, ...@@ -8356,7 +8371,7 @@ qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver,
break; break;
case VIR_DOMAIN_NET_TYPE_VHOSTUSER: case VIR_DOMAIN_NET_TYPE_VHOSTUSER:
ret = qemuBuildVhostuserCommandLine(driver, logManager, cmd, def, ret = qemuBuildVhostuserCommandLine(driver, logManager, secManager, cmd, def,
net, qemuCaps, bootindex, net, qemuCaps, bootindex,
chardevStdioLogd); chardevStdioLogd);
goto cleanup; goto cleanup;
...@@ -8534,6 +8549,7 @@ qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver, ...@@ -8534,6 +8549,7 @@ qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver,
static int static int
qemuBuildNetCommandLine(virQEMUDriverPtr driver, qemuBuildNetCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager, virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virDomainDefPtr def, virDomainDefPtr def,
virQEMUCapsPtr qemuCaps, virQEMUCapsPtr qemuCaps,
...@@ -8566,7 +8582,7 @@ qemuBuildNetCommandLine(virQEMUDriverPtr driver, ...@@ -8566,7 +8582,7 @@ qemuBuildNetCommandLine(virQEMUDriverPtr driver,
for (i = 0; i < def->nnets; i++) { for (i = 0; i < def->nnets; i++) {
virDomainNetDefPtr net = def->nets[i]; virDomainNetDefPtr net = def->nets[i];
if (qemuBuildInterfaceCommandLine(driver, logManager, cmd, def, net, if (qemuBuildInterfaceCommandLine(driver, logManager, secManager, cmd, def, net,
qemuCaps, bootNet, vmop, qemuCaps, bootNet, vmop,
standalone, nnicindexes, standalone, nnicindexes,
nicindexes, nicindexes,
...@@ -8629,6 +8645,7 @@ qemuBuildSmartcardFindCCIDController(const virDomainDef *def, ...@@ -8629,6 +8645,7 @@ qemuBuildSmartcardFindCCIDController(const virDomainDef *def,
static int static int
qemuBuildSmartcardCommandLine(virLogManagerPtr logManager, qemuBuildSmartcardCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -8702,7 +8719,8 @@ qemuBuildSmartcardCommandLine(virLogManagerPtr logManager, ...@@ -8702,7 +8719,8 @@ qemuBuildSmartcardCommandLine(virLogManagerPtr logManager,
return -1; return -1;
} }
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
smartcard->data.passthru, smartcard->data.passthru,
smartcard->info.alias, smartcard->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -8862,6 +8880,7 @@ qemuBuildShmemBackendMemProps(virDomainShmemDefPtr shmem) ...@@ -8862,6 +8880,7 @@ qemuBuildShmemBackendMemProps(virDomainShmemDefPtr shmem)
static int static int
qemuBuildShmemCommandLine(virLogManagerPtr logManager, qemuBuildShmemCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
virDomainDefPtr def, virDomainDefPtr def,
...@@ -8933,7 +8952,8 @@ qemuBuildShmemCommandLine(virLogManagerPtr logManager, ...@@ -8933,7 +8952,8 @@ qemuBuildShmemCommandLine(virLogManagerPtr logManager,
VIR_FREE(devstr); VIR_FREE(devstr);
if (shmem->server.enabled) { if (shmem->server.enabled) {
devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
&shmem->server.chr, &shmem->server.chr,
shmem->info.alias, qemuCaps, true, shmem->info.alias, qemuCaps, true,
chardevStdioLogd); chardevStdioLogd);
...@@ -9020,6 +9040,7 @@ qemuChrIsPlatformDevice(const virDomainDef *def, ...@@ -9020,6 +9040,7 @@ qemuChrIsPlatformDevice(const virDomainDef *def,
static int static int
qemuBuildSerialCommandLine(virLogManagerPtr logManager, qemuBuildSerialCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -9043,7 +9064,8 @@ qemuBuildSerialCommandLine(virLogManagerPtr logManager, ...@@ -9043,7 +9064,8 @@ qemuBuildSerialCommandLine(virLogManagerPtr logManager,
if (serial->source->type == VIR_DOMAIN_CHR_TYPE_SPICEPORT && !havespice) if (serial->source->type == VIR_DOMAIN_CHR_TYPE_SPICEPORT && !havespice)
continue; continue;
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
serial->source, serial->source,
serial->info.alias, serial->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -9080,6 +9102,7 @@ qemuBuildSerialCommandLine(virLogManagerPtr logManager, ...@@ -9080,6 +9102,7 @@ qemuBuildSerialCommandLine(virLogManagerPtr logManager,
static int static int
qemuBuildParallelsCommandLine(virLogManagerPtr logManager, qemuBuildParallelsCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -9092,7 +9115,8 @@ qemuBuildParallelsCommandLine(virLogManagerPtr logManager, ...@@ -9092,7 +9115,8 @@ qemuBuildParallelsCommandLine(virLogManagerPtr logManager,
virDomainChrDefPtr parallel = def->parallels[i]; virDomainChrDefPtr parallel = def->parallels[i];
char *devstr; char *devstr;
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
parallel->source, parallel->source,
parallel->info.alias, parallel->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -9113,6 +9137,7 @@ qemuBuildParallelsCommandLine(virLogManagerPtr logManager, ...@@ -9113,6 +9137,7 @@ qemuBuildParallelsCommandLine(virLogManagerPtr logManager,
static int static int
qemuBuildChannelsCommandLine(virLogManagerPtr logManager, qemuBuildChannelsCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -9127,7 +9152,8 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager, ...@@ -9127,7 +9152,8 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager,
switch (channel->targetType) { switch (channel->targetType) {
case VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_GUESTFWD: case VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_GUESTFWD:
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
channel->source, channel->source,
channel->info.alias, channel->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -9144,7 +9170,8 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager, ...@@ -9144,7 +9170,8 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager,
break; break;
case VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO: case VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO:
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
channel->source, channel->source,
channel->info.alias, channel->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -9166,6 +9193,7 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager, ...@@ -9166,6 +9193,7 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager,
static int static int
qemuBuildConsoleCommandLine(virLogManagerPtr logManager, qemuBuildConsoleCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -9187,7 +9215,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager, ...@@ -9187,7 +9215,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager,
return -1; return -1;
} }
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
console->source, console->source,
console->info.alias, console->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -9208,7 +9237,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager, ...@@ -9208,7 +9237,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager,
return -1; return -1;
} }
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
console->source, console->source,
console->info.alias, console->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -9223,7 +9253,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager, ...@@ -9223,7 +9253,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager,
break; break;
case VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_VIRTIO: case VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_VIRTIO:
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
console->source, console->source,
console->info.alias, console->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -9342,6 +9373,7 @@ qemuBuildRedirdevDevStr(const virDomainDef *def, ...@@ -9342,6 +9373,7 @@ qemuBuildRedirdevDevStr(const virDomainDef *def,
static int static int
qemuBuildRedirdevCommandLine(virLogManagerPtr logManager, qemuBuildRedirdevCommandLine(virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virCommandPtr cmd, virCommandPtr cmd,
virQEMUDriverConfigPtr cfg, virQEMUDriverConfigPtr cfg,
const virDomainDef *def, const virDomainDef *def,
...@@ -9354,7 +9386,8 @@ qemuBuildRedirdevCommandLine(virLogManagerPtr logManager, ...@@ -9354,7 +9386,8 @@ qemuBuildRedirdevCommandLine(virLogManagerPtr logManager,
virDomainRedirdevDefPtr redirdev = def->redirdevs[i]; virDomainRedirdevDefPtr redirdev = def->redirdevs[i];
char *devstr; char *devstr;
if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def, if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
cmd, cfg, def,
redirdev->source, redirdev->source,
redirdev->info.alias, redirdev->info.alias,
qemuCaps, true, qemuCaps, true,
...@@ -10065,6 +10098,7 @@ qemuBuildVsockCommandLine(virCommandPtr cmd, ...@@ -10065,6 +10098,7 @@ qemuBuildVsockCommandLine(virCommandPtr cmd,
virCommandPtr virCommandPtr
qemuBuildCommandLine(virQEMUDriverPtr driver, qemuBuildCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager, virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virDomainObjPtr vm, virDomainObjPtr vm,
const char *migrateURI, const char *migrateURI,
virDomainSnapshotObjPtr snapshot, virDomainSnapshotObjPtr snapshot,
...@@ -10181,7 +10215,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, ...@@ -10181,7 +10215,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildSgaCommandLine(cmd, def, qemuCaps) < 0) if (qemuBuildSgaCommandLine(cmd, def, qemuCaps) < 0)
goto error; goto error;
if (qemuBuildMonitorCommandLine(logManager, cmd, cfg, def, priv) < 0) if (qemuBuildMonitorCommandLine(logManager, secManager, cmd, cfg, def, priv) < 0)
goto error; goto error;
if (qemuBuildClockCommandLine(cmd, def, qemuCaps) < 0) if (qemuBuildClockCommandLine(cmd, def, qemuCaps) < 0)
...@@ -10211,29 +10245,29 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, ...@@ -10211,29 +10245,29 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildFSDevCommandLine(cmd, def, qemuCaps) < 0) if (qemuBuildFSDevCommandLine(cmd, def, qemuCaps) < 0)
goto error; goto error;
if (qemuBuildNetCommandLine(driver, logManager, cmd, def, if (qemuBuildNetCommandLine(driver, logManager, secManager, cmd, def,
qemuCaps, vmop, standalone, qemuCaps, vmop, standalone,
nnicindexes, nicindexes, &bootHostdevNet, nnicindexes, nicindexes, &bootHostdevNet,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
goto error; goto error;
if (qemuBuildSmartcardCommandLine(logManager, cmd, cfg, def, qemuCaps, if (qemuBuildSmartcardCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
goto error; goto error;
if (qemuBuildSerialCommandLine(logManager, cmd, cfg, def, qemuCaps, if (qemuBuildSerialCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
goto error; goto error;
if (qemuBuildParallelsCommandLine(logManager, cmd, cfg, def, qemuCaps, if (qemuBuildParallelsCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
goto error; goto error;
if (qemuBuildChannelsCommandLine(logManager, cmd, cfg, def, qemuCaps, if (qemuBuildChannelsCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
goto error; goto error;
if (qemuBuildConsoleCommandLine(logManager, cmd, cfg, def, qemuCaps, if (qemuBuildConsoleCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
goto error; goto error;
...@@ -10258,7 +10292,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, ...@@ -10258,7 +10292,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildWatchdogCommandLine(cmd, def, qemuCaps) < 0) if (qemuBuildWatchdogCommandLine(cmd, def, qemuCaps) < 0)
goto error; goto error;
if (qemuBuildRedirdevCommandLine(logManager, cmd, cfg, def, qemuCaps, if (qemuBuildRedirdevCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
goto error; goto error;
...@@ -10271,7 +10305,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, ...@@ -10271,7 +10305,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildMemballoonCommandLine(cmd, def, qemuCaps) < 0) if (qemuBuildMemballoonCommandLine(cmd, def, qemuCaps) < 0)
goto error; goto error;
if (qemuBuildRNGCommandLine(logManager, cmd, cfg, def, qemuCaps, if (qemuBuildRNGCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0) chardevStdioLogd) < 0)
goto error; goto error;
...@@ -10306,7 +10340,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, ...@@ -10306,7 +10340,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
goto error; goto error;
for (i = 0; i < def->nshmems; i++) { for (i = 0; i < def->nshmems; i++) {
if (qemuBuildShmemCommandLine(logManager, cmd, cfg, if (qemuBuildShmemCommandLine(logManager, secManager, cmd, cfg,
def, def->shmems[i], qemuCaps, def, def->shmems[i], qemuCaps,
chardevStdioLogd)) chardevStdioLogd))
goto error; goto error;
......
...@@ -46,6 +46,7 @@ VIR_ENUM_DECL(qemuVideo) ...@@ -46,6 +46,7 @@ VIR_ENUM_DECL(qemuVideo)
virCommandPtr qemuBuildCommandLine(virQEMUDriverPtr driver, virCommandPtr qemuBuildCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager, virLogManagerPtr logManager,
virSecurityManagerPtr secManager,
virDomainObjPtr vm, virDomainObjPtr vm,
const char *migrateURI, const char *migrateURI,
virDomainSnapshotObjPtr snapshot, virDomainSnapshotObjPtr snapshot,
......
...@@ -6174,6 +6174,7 @@ qemuProcessLaunch(virConnectPtr conn, ...@@ -6174,6 +6174,7 @@ qemuProcessLaunch(virConnectPtr conn,
VIR_DEBUG("Building emulator command line"); VIR_DEBUG("Building emulator command line");
if (!(cmd = qemuBuildCommandLine(driver, if (!(cmd = qemuBuildCommandLine(driver,
qemuDomainLogContextGetManager(logCtxt), qemuDomainLogContextGetManager(logCtxt),
driver->securityManager,
vm, vm,
incoming ? incoming->launchURI : NULL, incoming ? incoming->launchURI : NULL,
snapshot, vmop, snapshot, vmop,
...@@ -6642,6 +6643,7 @@ qemuProcessCreatePretendCmd(virQEMUDriverPtr driver, ...@@ -6642,6 +6643,7 @@ qemuProcessCreatePretendCmd(virQEMUDriverPtr driver,
VIR_DEBUG("Building emulator command line"); VIR_DEBUG("Building emulator command line");
cmd = qemuBuildCommandLine(driver, cmd = qemuBuildCommandLine(driver,
NULL, NULL,
driver->securityManager,
vm, vm,
migrateURI, migrateURI,
NULL, NULL,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册