Now that we remember the alias we've used to attach the secret objects
we should reuse them rather than trying to infer them from the disk
configuration.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 src/qemu/qemu_hotplug.c | 43 ++++++++++++-------------------------------
 1 file changed, 12 insertions(+), 31 deletions(-)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 2899f49fff..5e2ca1b988 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -3831,14 +3831,15 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
                            virDomainObjPtr vm,
                            virDomainDiskDefPtr disk)
 {
+    qemuDomainStorageSourcePrivatePtr diskPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
     virDomainDeviceDef dev;
     virObjectEventPtr event;
     size_t i;
     const char *src = virDomainDiskGetSource(disk);
     qemuDomainObjPrivatePtr priv = vm->privateData;
     char *drivestr;
-    char *objAlias = NULL;
-    char *encAlias = NULL;
+    const char *authAlias = NULL;
+    const char *encAlias = NULL;

     VIR_DEBUG("Removing disk %s from domain %p %s",
               disk->info.alias, vm, vm->def->name);
@@ -3848,32 +3849,14 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
     if (!(drivestr = qemuAliasFromDisk(disk)))
         return -1;

-    /* Let's look for some markers for a secret object and create an alias
-     * object to be used to attempt to delete the object that was created.
-     * We cannot just use the disk private secret info since it would have
-     * been removed during cleanup of qemuProcessLaunch. Likewise, libvirtd
-     * restart wouldn't have them, so no assumption can be made. */
-    if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
-        qemuDomainStorageSourceHasAuth(disk->src)) {
-
-        if (!(objAlias =
-              qemuDomainGetSecretAESAlias(disk->info.alias, false))) {
-            VIR_FREE(drivestr);
-            return -1;
-        }
-    }
-
-    /* Similarly, if this is possible a device using LUKS encryption, we
-     * can remove the luks object password too
-     */
-    if (qemuDomainDiskHasEncryptionSecret(disk->src)) {
+    if (diskPriv) {
+        if (diskPriv->secinfo &&
+            diskPriv->secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES)
+            authAlias = diskPriv->secinfo->s.aes.alias;

-        if (!(encAlias =
-              qemuDomainGetSecretAESAlias(disk->info.alias, true))) {
-            VIR_FREE(objAlias);
-            VIR_FREE(drivestr);
-            return -1;
-        }
+        if (diskPriv->encinfo &&
+            diskPriv->encinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES)
+            encAlias = diskPriv->encinfo->s.aes.alias;
     }

     qemuDomainObjEnterMonitor(driver, vm);
@@ -3882,14 +3865,12 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
     VIR_FREE(drivestr);

     /* If it fails, then so be it - it was a best shot */
-    if (objAlias)
-        ignore_value(qemuMonitorDelObject(priv->mon, objAlias));
-    VIR_FREE(objAlias);
+    if (authAlias)
+        ignore_value(qemuMonitorDelObject(priv->mon, authAlias));

     /* If it fails, then so be it - it was a best shot */
     if (encAlias)
         ignore_value(qemuMonitorDelObject(priv->mon, encAlias));
-    VIR_FREE(encAlias);

     /* If it fails, then so be it - it was a best shot */
     if (disk->src->pr)
-- 
2.16.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

On Wed, May 30, 2018 at 02:41:09PM +0200, Peter Krempa wrote:
>Now that we remember the alias we've used to attach the secret objects
>we should reuse them rather than trying to infer them from the disk
>configuration.
>
>Signed-off-by: Peter Krempa <pkrempa@redhat.com>
>---
> src/qemu/qemu_hotplug.c | 43 ++++++++++++-------------------------------
> 1 file changed, 12 insertions(+), 31 deletions(-)
>

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

On 05/30/2018 08:41 AM, Peter Krempa wrote:
> Now that we remember the alias we've used to attach the secret objects
> we should reuse them rather than trying to infer them from the disk
> configuration.
> 
> Signed-off-by: Peter Krempa <pkrempa@redhat.com>
> ---
>  src/qemu/qemu_hotplug.c | 43 ++++++++++++-------------------------------
>  1 file changed, 12 insertions(+), 31 deletions(-)
> 

If we saved secrets for hostdev, then qemuDomainRemoveHostDevice would
need adjustment.


John

[...]

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

On Wed, May 30, 2018 at 17:50:45 -0400, John Ferlan wrote:
> 
> 
> On 05/30/2018 08:41 AM, Peter Krempa wrote:
> > Now that we remember the alias we've used to attach the secret objects
> > we should reuse them rather than trying to infer them from the disk
> > configuration.
> > 
> > Signed-off-by: Peter Krempa <pkrempa@redhat.com>
> > ---
> >  src/qemu/qemu_hotplug.c | 43 ++++++++++++-------------------------------
> >  1 file changed, 12 insertions(+), 31 deletions(-)
> > 
> 
> If we saved secrets for hostdev, then qemuDomainRemoveHostDevice would
> need adjustment.

That is a separate beast of itself. Hostdev formatter does not use the
virStorageSource formatter for the iSCSI case.
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list