From nobody Wed May 14 21:44:46 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1516974253229826.7916836740579; Fri, 26 Jan 2018 05:44:13 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 2A41FC2E4C; Fri, 26 Jan 2018 13:44:10 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C445860BF4; Fri, 26 Jan 2018 13:44:09 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 5FD333FB1F; Fri, 26 Jan 2018 13:44:09 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w0QDZrCb025237 for ; Fri, 26 Jan 2018 08:35:53 -0500 Received: by smtp.corp.redhat.com (Postfix) id 9CE30649B2; Fri, 26 Jan 2018 13:35:53 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.55]) by smtp.corp.redhat.com (Postfix) with ESMTP id B1DF975A0A; Fri, 26 Jan 2018 13:35:52 +0000 (UTC) 
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Fri, 26 Jan 2018 13:35:36 +0000 Message-Id: <20180126133537.31883-10-berrange@redhat.com> In-Reply-To: <20180126133537.31883-1-berrange@redhat.com> References: <20180126133537.31883-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 09/10] storage: open secret driver connection at time of use X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Fri, 26 Jan 2018 13:44:12 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Instead of passing around a virConnectPtr object, just open a connection to the secret driver at time of use. Opening connections on demand will be beneficial when the secret driver is in a separate daemon. It also solves the problem that a number of callers just pass in a NULL connection today which prevents secret lookup working at all. Signed-off-by: Daniel P. Berrang=C3=A9 --- src/storage/storage_backend_iscsi.c | 14 +++--- src/storage/storage_backend_logical.c | 2 +- src/storage/storage_backend_rbd.c | 41 +++++++-------- src/storage/storage_util.c | 95 ++++++++++++++++---------------= ---- src/storage/storage_util.h | 6 +-- 5 files changed, 71 insertions(+), 87 deletions(-) diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_back= end_iscsi.c index b0c5096adb..921215c9e9 100644 --- a/src/storage/storage_backend_iscsi.c +++ b/src/storage/storage_backend_iscsi.c 
@@ -273,13 +273,13 @@ virStorageBackendISCSICheckPool(virStoragePoolObjPtr = pool, =20 static int virStorageBackendISCSISetAuth(const char *portal, - virConnectPtr conn, virStoragePoolSourcePtr source) { unsigned char *secret_value =3D NULL; size_t secret_size; virStorageAuthDefPtr authdef =3D source->auth; int ret =3D -1; + virConnectPtr conn =3D NULL; =20 if (!authdef || authdef->authType =3D=3D VIR_STORAGE_AUTH_TYPE_NONE) return 0; @@ -292,12 +292,9 @@ virStorageBackendISCSISetAuth(const char *portal, return -1; } =20 - if (!conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("iscsi 'chap' authentication not supported " - "for autostarted pools")); + conn =3D virConnectOpen(geteuid() =3D=3D 0 ? "secret:///system" : "sec= ret:///session"); + if (!conn) return -1; - } =20 if (virSecretGetSecretString(conn, &authdef->seclookupdef, VIR_SECRET_USAGE_TYPE_ISCSI, @@ -322,11 +319,12 @@ virStorageBackendISCSISetAuth(const char *portal, =20 cleanup: VIR_DISPOSE_N(secret_value, secret_size); + virObjectUnref(conn); return ret; } =20 static int -virStorageBackendISCSIStartPool(virConnectPtr conn, +virStorageBackendISCSIStartPool(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool) { virStoragePoolDefPtr def =3D virStoragePoolObjGetDef(pool); @@ -362,7 +360,7 @@ virStorageBackendISCSIStartPool(virConnectPtr conn, if (virISCSINodeNew(portal, def->source.devices[0].path) < 0) goto cleanup; =20 - if (virStorageBackendISCSISetAuth(portal, conn, &def->source) < 0) + if (virStorageBackendISCSISetAuth(portal, &def->source) < 0) goto cleanup; =20 if (virISCSIConnectionLogin(portal, diff --git a/src/storage/storage_backend_logical.c b/src/storage/storage_ba= ckend_logical.c index 5df30de29d..64bfc8c976 100644 --- a/src/storage/storage_backend_logical.c +++ b/src/storage/storage_backend_logical.c 
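Review bot: The URI selection added in virStorageBackendISCSISetAuth, `virConnectOpen(geteuid() == 0 ? "secret:///system" : "secret:///session")`, is repeated verbatim in the RBD and storage_util.c hunks of this patch (five call sites in total). Any later change to how the secret driver is located therefore has to be made in every copy. A single static helper that wraps that one expression and returns the opened connection would keep the privilege-dependent choice in one place. Its doc comment is also the natural spot to state which identity the secret driver sees on this self-opened connection. The caller's virConnectPtr is no longer involved, and once the secret driver runs in a separate daemon (the stated goal) access checks on the lookup presumably evaluate the storage driver rather than the originating client; that is worth confirming and writing down.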
@@ -997,7 +997,7 @@ virStorageBackendLogicalCreateVol(virConnectPtr conn, return -1; =20 if (vol->target.encryption && - virStorageBackendCreateVolUsingQemuImg(conn, pool, vol, NULL, 0) <= 0) + virStorageBackendCreateVolUsingQemuImg(pool, vol, NULL, 0) < 0) goto error; =20 if ((fd =3D virStorageBackendVolOpen(vol->target.path, &sb, diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backen= d_rbd.c index 7f9597cabe..e901f370d5 100644 --- a/src/storage/storage_backend_rbd.c +++ b/src/storage/storage_backend_rbd.c @@ -71,7 +71,6 @@ virStorageBackendRBDRADOSConfSet(rados_t cluster, =20 static int virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr, - virConnectPtr conn, virStoragePoolSourcePtr source) { int ret =3D -1; @@ -87,6 +86,7 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDSta= tePtr ptr, const char *mon_op_timeout =3D "30"; const char *osd_op_timeout =3D "30"; const char *rbd_default_format =3D "2"; + virConnectPtr conn =3D NULL; =20 if (authdef) { VIR_DEBUG("Using cephx authorization, username: %s", authdef->user= name); @@ -96,12 +96,9 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDSt= atePtr ptr, goto cleanup; } =20 - if (!conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("'ceph' authentication not supported " - "for autostarted pools")); + conn =3D virConnectOpen(geteuid() =3D=3D 0 ? "secret:///system" : = "secret:///session"); + if (!conn) return -1; - } =20 if (virSecretGetSecretString(conn, &authdef->seclookupdef, VIR_SECRET_USAGE_TYPE_CEPH, @@ -201,6 +198,7 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDS= tatePtr ptr, VIR_DISPOSE_N(secret_value, secret_value_size); VIR_DISPOSE_STRING(rados_key); =20 + virObjectUnref(conn); virBufferFreeAndReset(&mon_host); VIR_FREE(mon_buff); return ret; 
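Review bot: In virStorageBackendRBDOpenRADOSConn the new `if (!conn) return -1;` leaves the function directly, while the failure branch just above it in the same hunk uses `goto cleanup`. The removed NULL check returned directly as well, so this is inherited. Now that the cleanup label also releases conn, a single exit path via `if (!conn) goto cleanup;` would be more uniform. This assumes the locals released at cleanup are initialised at declaration, which these hunks do not show; the function body starts and ends outside them.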
@@ -252,8 +250,7 @@ virStorageBackendRBDFreeState(virStorageBackendRBDState= Ptr *ptr) =20 =20 static virStorageBackendRBDStatePtr -virStorageBackendRBDNewState(virConnectPtr conn, - virStoragePoolObjPtr pool) +virStorageBackendRBDNewState(virStoragePoolObjPtr pool) { virStorageBackendRBDStatePtr ptr; virStoragePoolDefPtr def =3D virStoragePoolObjGetDef(pool); @@ -261,7 +258,7 @@ virStorageBackendRBDNewState(virConnectPtr conn, if (VIR_ALLOC(ptr) < 0) return NULL; =20 - if (virStorageBackendRBDOpenRADOSConn(ptr, conn, &def->source) < 0) + if (virStorageBackendRBDOpenRADOSConn(ptr, &def->source) < 0) goto error; =20 if (virStorageBackendRBDOpenIoCTX(ptr, pool) < 0) @@ -423,7 +420,7 @@ volStorageBackendRBDRefreshVolInfo(virStorageVolDefPtr = vol, } =20 static int -virStorageBackendRBDRefreshPool(virConnectPtr conn, +virStorageBackendRBDRefreshPool(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool) { size_t max_size =3D 1024; @@ -436,7 +433,7 @@ virStorageBackendRBDRefreshPool(virConnectPtr conn, struct rados_cluster_stat_t clusterstat; struct rados_pool_stat_t poolstat; =20 - if (!(ptr =3D virStorageBackendRBDNewState(conn, pool))) + if (!(ptr =3D virStorageBackendRBDNewState(pool))) goto cleanup; =20 if ((r =3D rados_cluster_stat(ptr->cluster, &clusterstat)) < 0) { @@ -605,7 +602,7 @@ virStorageBackendRBDCleanupSnapshots(rados_ioctx_t ioct= x, } =20 static int -virStorageBackendRBDDeleteVol(virConnectPtr conn, +virStorageBackendRBDDeleteVol(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, virStorageVolDefPtr vol, unsigned int flags) @@ -623,7 +620,7 @@ virStorageBackendRBDDeleteVol(virConnectPtr conn, if (flags & VIR_STORAGE_VOL_DELETE_ZEROED) VIR_WARN("%s", "This storage backend does not support zeroed remov= al of volumes"); =20 - if (!(ptr =3D virStorageBackendRBDNewState(conn, pool))) + if (!(ptr =3D virStorageBackendRBDNewState(pool))) goto cleanup; =20 if (flags & VIR_STORAGE_VOL_DELETE_WITH_SNAPSHOTS) { 
@@ -685,7 +682,7 @@ static int virStorageBackendRBDCreateImage(rados_ioctx_= t io, } =20 static int -virStorageBackendRBDBuildVol(virConnectPtr conn, +virStorageBackendRBDBuildVol(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, virStorageVolDefPtr vol, unsigned int flags) @@ -718,7 +715,7 @@ virStorageBackendRBDBuildVol(virConnectPtr conn, goto cleanup; } =20 - if (!(ptr =3D virStorageBackendRBDNewState(conn, pool))) + if (!(ptr =3D virStorageBackendRBDNewState(pool))) goto cleanup; =20 if ((r =3D virStorageBackendRBDCreateImage(ptr->ioctx, vol->name, @@ -1041,7 +1038,7 @@ virStorageBackendRBDCloneImage(rados_ioctx_t io, } =20 static int -virStorageBackendRBDBuildVolFrom(virConnectPtr conn, +virStorageBackendRBDBuildVolFrom(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, virStorageVolDefPtr newvol, virStorageVolDefPtr origvol, @@ -1056,7 +1053,7 @@ virStorageBackendRBDBuildVolFrom(virConnectPtr conn, =20 virCheckFlags(0, -1); =20 - if (!(ptr =3D virStorageBackendRBDNewState(conn, pool))) + if (!(ptr =3D virStorageBackendRBDNewState(pool))) goto cleanup; =20 if ((virStorageBackendRBDCloneImage(ptr->ioctx, origvol->name, @@ -1071,14 +1068,14 @@ virStorageBackendRBDBuildVolFrom(virConnectPtr conn, } =20 static int -virStorageBackendRBDRefreshVol(virConnectPtr conn, +virStorageBackendRBDRefreshVol(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool ATTRIBUTE_UNUSED, virStorageVolDefPtr vol) { virStorageBackendRBDStatePtr ptr =3D NULL; int ret =3D -1; =20 - if (!(ptr =3D virStorageBackendRBDNewState(conn, pool))) + if (!(ptr =3D virStorageBackendRBDNewState(pool))) goto cleanup; =20 if (volStorageBackendRBDRefreshVolInfo(vol, pool, ptr) < 0) 
@@ -1105,7 +1102,7 @@ virStorageBackendRBDResizeVol(virConnectPtr conn ATTR= IBUTE_UNUSED, =20 virCheckFlags(0, -1); =20 - if (!(ptr =3D virStorageBackendRBDNewState(conn, pool))) + if (!(ptr =3D virStorageBackendRBDNewState(pool))) goto cleanup; =20 if ((r =3D rbd_open(ptr->ioctx, vol->name, &image, NULL)) < 0) { @@ -1204,7 +1201,7 @@ virStorageBackendRBDVolWipeDiscard(rbd_image_t image, } =20 static int -virStorageBackendRBDVolWipe(virConnectPtr conn, +virStorageBackendRBDVolWipe(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, virStorageVolDefPtr vol, unsigned int algorithm, @@ -1222,7 +1219,7 @@ virStorageBackendRBDVolWipe(virConnectPtr conn, =20 VIR_DEBUG("Wiping RBD image %s/%s", def->source.name, vol->name); =20 - if (!(ptr =3D virStorageBackendRBDNewState(conn, pool))) + if (!(ptr =3D virStorageBackendRBDNewState(pool))) goto cleanup; =20 if ((r =3D rbd_open(ptr->ioctx, vol->name, &image, NULL)) < 0) { diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index 9e1b63a436..5995921570 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -497,7 +497,7 @@ virStorageGenerateSecretUUID(virConnectPtr conn, _("unable to generate uuid")); return -1; } - tmp =3D conn->secretDriver->secretLookupByUUID(conn, uuid); + tmp =3D virSecretLookupByUUID(conn, uuid); if (tmp =3D=3D NULL) return 0; =20 @@ -511,8 +511,7 @@ virStorageGenerateSecretUUID(virConnectPtr conn, } =20 static int -virStorageGenerateQcowEncryption(virConnectPtr conn, - virStorageVolDefPtr vol) +virStorageGenerateQcowEncryption(virStorageVolDefPtr vol) { virSecretDefPtr def =3D NULL; virBuffer buf =3D VIR_BUFFER_INITIALIZER; 
@@ -522,15 +521,11 @@ virStorageGenerateQcowEncryption(virConnectPtr conn, char *xml; unsigned char value[VIR_STORAGE_QCOW_PASSPHRASE_SIZE]; int ret =3D -1; + virConnectPtr conn =3D NULL; =20 - if (conn->secretDriver =3D=3D NULL || - conn->secretDriver->secretLookupByUUID =3D=3D NULL || - conn->secretDriver->secretDefineXML =3D=3D NULL || - conn->secretDriver->secretSetValue =3D=3D NULL) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("secret storage not supported")); - goto cleanup; - } + conn =3D virConnectOpen(geteuid() =3D=3D 0 ? "secret:///system" : "sec= ret:///session"); + if (!conn) + return -1; =20 enc =3D vol->target.encryption; if (enc->nsecrets !=3D 0) { @@ -557,7 +552,7 @@ virStorageGenerateQcowEncryption(virConnectPtr conn, if (xml =3D=3D NULL) goto cleanup; =20 - secret =3D conn->secretDriver->secretDefineXML(conn, xml, 0); + secret =3D virSecretDefineXML(conn, xml, 0); if (secret =3D=3D NULL) { VIR_FREE(xml); goto cleanup; @@ -567,7 +562,7 @@ virStorageGenerateQcowEncryption(virConnectPtr conn, if (virStorageGenerateQcowPassphrase(value) < 0) goto cleanup; =20 - if (conn->secretDriver->secretSetValue(secret, value, sizeof(value), 0= ) < 0) + if (virSecretSetValue(secret, value, sizeof(value), 0) < 0) goto cleanup; =20 enc_secret->type =3D VIR_STORAGE_ENCRYPTION_SECRET_TYPE_PASSPHRASE; @@ -582,11 +577,11 @@ virStorageGenerateQcowEncryption(virConnectPtr conn, =20 cleanup: if (secret !=3D NULL) { - if (ret !=3D 0 && - conn->secretDriver->secretUndefine !=3D NULL) - conn->secretDriver->secretUndefine(secret); + if (ret !=3D 0) + virSecretUndefine(secret); virObjectUnref(secret); } + virObjectUnref(conn); virBufferFreeAndReset(&buf); virSecretDefFree(def); VIR_FREE(enc_secret); 
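Review bot: The failure path in virStorageGenerateQcowEncryption's cleanup now calls the public entry point virSecretUndefine() instead of the driver callback, and libvirt's public entry points reset the thread's last error on entry. The error that set ret != 0 is therefore likely to be lost, or replaced by an undefine error, before the caller sees it. Saving and restoring the error around the call avoids that, as shown below. Separately, `value` holds the generated passphrase on the stack and the visible cleanup does not clear it; the function continues past the hunk, so this may already be handled there.

```c
 cleanup:
    if (secret != NULL) {
        if (ret != 0) {
            /* keep the original failure: public APIs reset the last error */
            virErrorPtr orig_err = virSaveLastError();

            virSecretUndefine(secret);
            if (orig_err) {
                virSetError(orig_err);
                virFreeError(orig_err);
            }
        }
        virObjectUnref(secret);
    }
    /* … unchanged: conn unref, buffer, def and enc_secret cleanup … */
```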
@@ -942,7 +937,6 @@ storageBackendCreateQemuImgOpts(virStorageEncryptionInf= oDefPtr enc, static int storageBackendCreateQemuImgCheckEncryption(int format, const char *type, - virConnectPtr conn, virStorageVolDefPtr vol) { virStorageEncryptionPtr enc =3D vol->target.encryption; @@ -962,7 +956,7 @@ storageBackendCreateQemuImgCheckEncryption(int format, } if (enc->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT || enc->nsecrets =3D=3D 0) { - if (virStorageGenerateQcowEncryption(conn, vol) < 0) + if (virStorageGenerateQcowEncryption(vol) < 0) return -1; } } else if (format =3D=3D VIR_STORAGE_FILE_RAW) { @@ -1178,8 +1172,7 @@ storageBackendResizeQemuImgImageOpts(virCommandPtr cm= d, * volume definitions and imgformat */ virCommandPtr -virStorageBackendCreateQemuImgCmdFromVol(virConnectPtr conn, - virStoragePoolObjPtr pool, +virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, virStorageVolDefPtr vol, virStorageVolDefPtr inputvol, unsigned int flags, @@ -1264,7 +1257,7 @@ virStorageBackendCreateQemuImgCmdFromVol(virConnectPt= r conn, =20 if (info.encryption && storageBackendCreateQemuImgCheckEncryption(info.format, type, - conn, vol) < 0) + vol) < 0) return NULL; =20 =20 @@ -1317,8 +1310,7 @@ virStorageBackendCreateQemuImgCmdFromVol(virConnectPt= r conn, =20 =20 static char * -storageBackendCreateQemuImgSecretPath(virConnectPtr conn, - virStoragePoolObjPtr pool, +storageBackendCreateQemuImgSecretPath(virStoragePoolObjPtr pool, virStorageVolDefPtr vol) { virStorageEncryptionPtr enc =3D vol->target.encryption; @@ -1326,6 +1318,7 @@ storageBackendCreateQemuImgSecretPath(virConnectPtr c= onn, int fd =3D -1; uint8_t *secret =3D NULL; size_t secretlen =3D 0; + virConnectPtr conn =3D NULL; =20 if (!enc) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", 
@@ -1333,14 +1326,9 @@ storageBackendCreateQemuImgSecretPath(virConnectPtr = conn, return NULL; } =20 - if (!conn || !conn->secretDriver || - !conn->secretDriver->secretLookupByUUID || - !conn->secretDriver->secretLookupByUsage || - !conn->secretDriver->secretGetValue) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("unable to look up encryption secret")); + conn =3D virConnectOpen(geteuid() =3D=3D 0 ? "secret:///system" : "sec= ret:///session"); + if (!conn) return NULL; - } =20 if (!(secretPath =3D virStoragePoolObjBuildTempFilePath(pool, vol))) goto cleanup; @@ -1374,6 +1362,7 @@ storageBackendCreateQemuImgSecretPath(virConnectPtr c= onn, } =20 cleanup: + virObjectUnref(conn); VIR_DISPOSE_N(secret, secretlen); VIR_FORCE_CLOSE(fd); =20 @@ -1387,7 +1376,7 @@ storageBackendCreateQemuImgSecretPath(virConnectPtr c= onn, =20 =20 static int -storageBackendCreateQemuImg(virConnectPtr conn, +storageBackendCreateQemuImg(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, virStorageVolDefPtr vol, virStorageVolDefPtr inputvol, @@ -1417,11 +1406,11 @@ storageBackendCreateQemuImg(virConnectPtr conn, vol->target.encryption && vol->target.encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMA= T_LUKS) { if (!(secretPath =3D - storageBackendCreateQemuImgSecretPath(conn, pool, vol))) + storageBackendCreateQemuImgSecretPath(pool, vol))) goto cleanup; } =20 - cmd =3D virStorageBackendCreateQemuImgCmdFromVol(conn, pool, vol, inpu= tvol, + cmd =3D virStorageBackendCreateQemuImgCmdFromVol(pool, vol, inputvol, flags, create_tool, imgformat, secretPath); if (!cmd) @@ -1442,7 +1431,6 @@ storageBackendCreateQemuImg(virConnectPtr conn, =20 /** * virStorageBackendCreateVolUsingQemuImg - * @conn: Connection pointer * @pool: Storage Pool Object * @vol: Volume definition * @inputvol: Volume to use for creation 
@@ -1458,8 +1446,7 @@ storageBackendCreateQemuImg(virConnectPtr conn, * Returns: 0 on success, -1 on failure. */ int -virStorageBackendCreateVolUsingQemuImg(virConnectPtr conn, - virStoragePoolObjPtr pool, +virStorageBackendCreateVolUsingQemuImg(virStoragePoolObjPtr pool, virStorageVolDefPtr vol, virStorageVolDefPtr inputvol, unsigned int flags) @@ -1472,7 +1459,7 @@ virStorageBackendCreateVolUsingQemuImg(virConnectPtr = conn, changeFormat =3D true; } =20 - ret =3D storageBackendCreateQemuImg(conn, pool, vol, inputvol, flags); + ret =3D storageBackendCreateQemuImg(NULL, pool, vol, inputvol, flags); =20 if (changeFormat) vol->target.format =3D VIR_STORAGE_FILE_NONE; @@ -2290,7 +2277,6 @@ virStorageBackendVolDeleteLocal(virConnectPtr conn AT= TRIBUTE_UNUSED, =20 =20 /* storageBackendLoadDefaultSecrets: - * @conn: Connection pointer to fetch secret * @vol: volume being refreshed * * If the volume had a secret generated, we need to regenerate the @@ -2300,15 +2286,19 @@ virStorageBackendVolDeleteLocal(virConnectPtr conn = ATTRIBUTE_UNUSED, * -1 on failures w/ error message set */ static int -storageBackendLoadDefaultSecrets(virConnectPtr conn, - virStorageVolDefPtr vol) +storageBackendLoadDefaultSecrets(virStorageVolDefPtr vol) { virSecretPtr sec; virStorageEncryptionSecretPtr encsec =3D NULL; + virConnectPtr conn =3D NULL; =20 if (!vol->target.encryption || vol->target.encryption->nsecrets !=3D 0) return 0; =20 + conn =3D virConnectOpen(geteuid() =3D=3D 0 ? "secret:///system" : "sec= ret:///session"); + if (!conn) + return -1; + /* The encryption secret for qcow2 and luks volumes use the path * to the volume, so look for a secret with the path. If not found, * then we cannot generate the secret after a refresh (or restart). 
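Review bot: The new `return -1` when virConnectOpen() fails in storageBackendLoadDefaultSecrets turns what the surrounding comments describe as a best-effort lookup into a hard failure. virStorageBackendVolRefreshLocal returns this function's result directly (later hunk, under "Load any secrets if possible"), so refreshing an encrypted volume with no secrets listed now fails whenever the secret driver cannot be reached, whereas a secret that is simply not found still returns 0. storageBackendResizeQemuImg, by contrast, discards the result entirely. If best-effort is the intent, the open failure could be handled like the not-found case with `if (!conn) { virResetLastError(); return 0; }`; otherwise the resize caller should check the return value. The function body continues outside this hunk.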
@@ -2316,8 +2306,10 @@ storageBackendLoadDefaultSecrets(virConnectPtr conn, * a usage string that although matched with the secret usage string, * didn't contain the path to the volume. We won't error in that case, * but we also cannot find the secret. */ - if (!(sec =3D virSecretLookupByUsage(conn, VIR_SECRET_USAGE_TYPE_VOLUM= E, - vol->target.path))) + sec =3D virSecretLookupByUsage(conn, VIR_SECRET_USAGE_TYPE_VOLUME, + vol->target.path); + virObjectUnref(conn); + if (!sec) return 0; =20 if (VIR_ALLOC_N(vol->target.encryption->secrets, 1) < 0 || @@ -2343,7 +2335,7 @@ storageBackendLoadDefaultSecrets(virConnectPtr conn, * Update info about a volume's capacity/allocation */ int -virStorageBackendVolRefreshLocal(virConnectPtr conn, +virStorageBackendVolRefreshLocal(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool ATTRIBUTE_UNUSE= D, virStorageVolDefPtr vol) { @@ -2356,13 +2348,12 @@ virStorageBackendVolRefreshLocal(virConnectPtr conn, return ret; =20 /* Load any secrets if possible */ - return storageBackendLoadDefaultSecrets(conn, vol); + return storageBackendLoadDefaultSecrets(vol); } =20 =20 static int -storageBackendResizeQemuImg(virConnectPtr conn, - virStoragePoolObjPtr pool, +storageBackendResizeQemuImg(virStoragePoolObjPtr pool, virStorageVolDefPtr vol, unsigned long long capacity) { @@ -2386,14 +2377,14 @@ storageBackendResizeQemuImg(virConnectPtr conn, else type =3D virStorageFileFormatTypeToString(vol->target.format); =20 - storageBackendLoadDefaultSecrets(conn, vol); + storageBackendLoadDefaultSecrets(vol); =20 if (storageBackendCreateQemuImgCheckEncryption(vol->target.format, - type, NULL, vol) < = 0) + type, vol) < 0) goto cleanup; =20 if (!(secretPath =3D - storageBackendCreateQemuImgSecretPath(conn, pool, vol))) + storageBackendCreateQemuImgSecretPath(pool, vol))) goto cleanup; =20 if (virAsprintf(&secretAlias, "%s_luks0", vol->name) < 0) 
@@ -2438,7 +2429,7 @@ storageBackendResizeQemuImg(virConnectPtr conn, * Resize a volume */ int -virStorageBackendVolResizeLocal(virConnectPtr conn, +virStorageBackendVolResizeLocal(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, virStorageVolDefPtr vol, unsigned long long capacity, @@ -2459,7 +2450,7 @@ virStorageBackendVolResizeLocal(virConnectPtr conn, return -1; } =20 - return storageBackendResizeQemuImg(conn, pool, vol, capacity); + return storageBackendResizeQemuImg(pool, vol, capacity); } else if (vol->target.format =3D=3D VIR_STORAGE_FILE_PLOOP) { return storagePloopResize(vol, capacity); } else { @@ -2470,7 +2461,7 @@ virStorageBackendVolResizeLocal(virConnectPtr conn, return -1; } =20 - return storageBackendResizeQemuImg(conn, pool, vol, capacity); + return storageBackendResizeQemuImg(pool, vol, capacity); } } =20 diff --git a/src/storage/storage_util.h b/src/storage/storage_util.h index dc7e62517b..ffc83c60ab 100644 --- a/src/storage/storage_util.h +++ b/src/storage/storage_util.h @@ -29,8 +29,7 @@ /* File creation/cloning functions used for cloning between backends */ =20 int -virStorageBackendCreateVolUsingQemuImg(virConnectPtr conn, - virStoragePoolObjPtr pool, +virStorageBackendCreateVolUsingQemuImg(virStoragePoolObjPtr pool, virStorageVolDefPtr vol, virStorageVolDefPtr inputvol, unsigned int flags); @@ -166,8 +165,7 @@ char *virStorageBackendStablePath(virStoragePoolObjPtr = pool, bool loop); =20 virCommandPtr -virStorageBackendCreateQemuImgCmdFromVol(virConnectPtr conn, - virStoragePoolObjPtr pool, +virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, virStorageVolDefPtr vol, virStorageVolDefPtr inputvol, unsigned int flags, --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list