storage: Prior to creating a volume, refresh the pool

https://bugzilla.redhat.com/show_bug.cgi?id=1233003

Although perhaps bordering on a don't do that type scenario, if
someone creates a volume in a pool outside of libvirt, then uses that
same name to create a volume in the pool via libvirt, then the creation
will fail and in some cases cause the same name volume to be deleted.

This patch will refresh the pool just prior to checking whether the
named volume exists prior to creating the volume in the pool. While
it's still possible to have a timing window to create a file after the
check - at least we tried.  At that point, someone is being malicious.

diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c
index 7aaa060e202c648a3e346f6a3d866099367f9b8f..ddf4405d596c409127d3d98050dc64163a1bfbdf 100644 (file)
--- a/src/storage/storage_driver.c
+++ b/src/storage/storage_driver.c
@@ -1796,6 +1796,15 @@ storageVolCreateXML(virStoragePoolPtr obj,
     if (virStorageVolCreateXMLEnsureACL(obj->conn, pool->def, voldef) < 0)
         goto cleanup;
 
+    /* While not perfect, refresh the list of volumes in the pool and
+     * then check that the incoming name isn't already in the pool.
+     */
+    if (backend->refreshPool) {
+        virStoragePoolObjClearVols(pool);
+        if (backend->refreshPool(obj->conn, pool) < 0)
+            goto cleanup;
+    }
+
     if (virStorageVolDefFindByName(pool, voldef->name)) {
         virReportError(VIR_ERR_STORAGE_VOL_EXIST,
                        _("'%s'"), voldef->name);