From nobody Wed May 14 13:23:51 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1522853038712364.0347456303168; Wed, 4 Apr 2018 07:43:58 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 31EEDC03677B; Wed, 4 Apr 2018 14:43:57 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 006A67EE2C; Wed, 4 Apr 2018 14:43:56 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B4E1E4CAA4; Wed, 4 Apr 2018 14:43:56 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w34Eg5BR020183 for ; Wed, 4 Apr 2018 10:42:05 -0400 Received: by smtp.corp.redhat.com (Postfix) id 9AE26215CDCA; Wed, 4 Apr 2018 14:42:05 +0000 (UTC) Received: from virval.usersys.redhat.com (unknown [10.43.2.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5E225215CDC6 for ; Wed, 4 Apr 2018 14:42:05 +0000 (UTC) Received: by virval.usersys.redhat.com (Postfix, from userid 500) id 9DD171044E4; Wed, 4 Apr 2018 16:42:01 +0200 (CEST) From: Jiri Denemark To: libvir-list@redhat.com Date: Wed, 4 Apr 2018 16:41:05 +0200 Message-Id: <179fe5dd7a8793c50ae41aaa5ec90c45e8916501.1522852107.git.jdenemar@redhat.com> In-Reply-To: References: In-Reply-To: References: Mail-Followup-To: libvir-list@redhat.com X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 16/68] qemu: Drop qemuMigrationParamsCheckSetupTLS X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Wed, 04 Apr 2018 14:43:57 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The code can be merged directly in qemuMigrationParamsAddTLSObjects. Signed-off-by: Jiri Denemark --- src/qemu/qemu_migration.c | 15 ------- src/qemu/qemu_migration_params.c | 73 ++++++++++---------------------- src/qemu/qemu_migration_params.h | 6 --- 3 files changed, 23 insertions(+), 71 deletions(-) diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 3c25e0e27f..072a5c95ae 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -2045,7 +2045,6 @@ qemuMigrationSrcBegin(virConnectPtr conn, unsigned long flags) { virQEMUDriverPtr driver =3D conn->privateData; - virQEMUDriverConfigPtr cfg =3D NULL; char *xml =3D NULL; qemuDomainAsyncJob asyncJob; =20 @@ -2079,12 +2078,6 @@ qemuMigrationSrcBegin(virConnectPtr conn, nmigrate_disks, migrate_disks, = flags))) goto endjob; =20 - if (flags & VIR_MIGRATE_TLS) { - cfg =3D virQEMUDriverGetConfig(driver); - if (qemuMigrationParamsCheckSetupTLS(driver, cfg, vm, asyncJob) < = 0) - goto endjob; - } - if ((flags & VIR_MIGRATE_CHANGE_PROTECTION)) { /* We keep the job active across API calls until the confirm() cal= l. * This prevents any other APIs being invoked while migration is t= aking @@ -2101,7 +2094,6 @@ qemuMigrationSrcBegin(virConnectPtr conn, } =20 cleanup: - virObjectUnref(cfg); virDomainObjEndAPI(&vm); return xml; =20 @@ -2463,10 +2455,6 @@ qemuMigrationDstPrepareAny(virQEMUDriverPtr driver, * set the migration TLS parameters */ if (flags & VIR_MIGRATE_TLS) { cfg =3D virQEMUDriverGetConfig(driver); - if (qemuMigrationParamsCheckSetupTLS(driver, cfg, vm, - QEMU_ASYNC_JOB_MIGRATION_IN) = < 0) - goto stopjob; - if (qemuMigrationParamsAddTLSObjects(driver, vm, cfg, true, QEMU_ASYNC_JOB_MIGRATION_IN, &tlsAlias, &secAlias, migPara= ms) < 0) @@ -3424,9 +3412,6 @@ qemuMigrationSrcRun(virQEMUDriverPtr driver, =20 if (flags & VIR_MIGRATE_TLS) { cfg =3D virQEMUDriverGetConfig(driver); - - /* Begin/CheckSetupTLS already set up migTLSAlias, the following - * assumes that and adds the TLS objects to the domain. */ if (qemuMigrationParamsAddTLSObjects(driver, vm, cfg, false, QEMU_ASYNC_JOB_MIGRATION_OUT, &tlsAlias, &secAlias, migPara= ms) < 0) diff --git a/src/qemu/qemu_migration_params.c b/src/qemu/qemu_migration_par= ams.c index 43098de904..bee7d9796f 100644 --- a/src/qemu/qemu_migration_params.c +++ b/src/qemu/qemu_migration_params.c @@ -179,56 +179,6 @@ qemuMigrationParamsCheckTLSCreds(virQEMUDriverPtr driv= er, } =20 =20 -/* qemuMigrationParamsCheckSetupTLS - * @driver: pointer to qemu driver - * @vm: domain object - * @cfg: configuration pointer - * @asyncJob: migration job to join - * - * Check if TLS is possible and set up the environment. Assumes the caller - * desires to use TLS (e.g. caller found VIR_MIGRATE_TLS flag). - * - * Ensure the qemu.conf has been properly configured to add an entry for - * "migrate_tls_x509_cert_dir". Also check if the "tls-creds" parameter - * was present from a query of migration parameters - * - * Returns 0 on success, -1 on error/failure - */ -int -qemuMigrationParamsCheckSetupTLS(virQEMUDriverPtr driver, - virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - int asyncJob) -{ - qemuDomainObjPrivatePtr priv =3D vm->privateData; - - if (!cfg->migrateTLSx509certdir) { - virReportError(VIR_ERR_OPERATION_INVALID, "%s", - _("host migration TLS directory not configured")); - return -1; - } - - if (qemuMigrationParamsCheckTLSCreds(driver, vm, asyncJob) < 0) - return -1; - - if (!priv->migTLSAlias) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _("TLS migration is not supported with this " - "QEMU binary")); - return -1; - } - - /* If there's a secret, then grab/store it now using the connection */ - if (cfg->migrateTLSx509secretUUID && - !(priv->migSecinfo =3D - qemuDomainSecretInfoTLSNew(priv, QEMU_MIGRATION_TLS_ALIAS_BASE, - cfg->migrateTLSx509secretUUID))) - return -1; - - return 0; -} - - /* qemuMigrationParamsAddTLSObjects * @driver: pointer to qemu driver * @vm: domain object @@ -257,6 +207,29 @@ qemuMigrationParamsAddTLSObjects(virQEMUDriverPtr driv= er, virJSONValuePtr tlsProps =3D NULL; virJSONValuePtr secProps =3D NULL; =20 + if (!cfg->migrateTLSx509certdir) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("host migration TLS directory not configured")); + goto error; + } + + if (qemuMigrationParamsCheckTLSCreds(driver, vm, asyncJob) < 0) + goto error; + + if (!priv->migTLSAlias) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("TLS migration is not supported with this " + "QEMU binary")); + goto error; + } + + /* If there's a secret, then grab/store it now using the connection */ + if (cfg->migrateTLSx509secretUUID && + !(priv->migSecinfo =3D + qemuDomainSecretInfoTLSNew(priv, QEMU_MIGRATION_TLS_ALIAS_BASE, + cfg->migrateTLSx509secretUUID))) + goto error; + if (qemuDomainGetTLSObjects(priv->qemuCaps, priv->migSecinfo, cfg->migrateTLSx509certdir, tlsListen, cfg->migrateTLSx509verify, diff --git a/src/qemu/qemu_migration_params.h b/src/qemu/qemu_migration_par= ams.h index 5e5e81ee07..1c41a5620f 100644 --- a/src/qemu/qemu_migration_params.h +++ b/src/qemu/qemu_migration_params.h @@ -71,12 +71,6 @@ qemuMigrationParamsSet(virQEMUDriverPtr driver, int asyncJob, qemuMigrationParamsPtr migParams); =20 -int -qemuMigrationParamsCheckSetupTLS(virQEMUDriverPtr driver, - virQEMUDriverConfigPtr cfg, - virDomainObjPtr vm, - int asyncJob); - int qemuMigrationParamsAddTLSObjects(virQEMUDriverPtr driver, virDomainObjPtr vm, --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list