From 6e6b4bfcf296880465173862b449446ff4b3796a Mon Sep 17 00:00:00 2001 From: John Ferlan Date: Fri, 21 Oct 2016 10:06:50 -0400 Subject: [PATCH] qemu: Add TLS hotplug for qemuDomainAttachRNGDevice Commit id '2c322378' missed the nuance that the rng backend could be using a TCP chardev and if TLS is enabled on the host, thus will need to have the TLS object added. --- src/qemu/qemu_hotplug.c | 31 +++++++++++++++++++++++++++---- 1 file changed, 27 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index a2a7c65f5b..95b2f2a8ef 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -1850,26 +1850,30 @@ qemuDomainAttachRNGDevice(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainRNGDefPtr rng) { + virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver); qemuDomainObjPrivatePtr priv = vm->privateData; virErrorPtr orig_err; char *devstr = NULL; char *charAlias = NULL; char *objAlias = NULL; + char *tlsAlias = NULL; bool releaseaddr = false; bool chardevAdded = false; bool objAdded = false; + bool tlsobjAdded = false; virJSONValuePtr props = NULL; + virJSONValuePtr tlsProps = NULL; virDomainCCWAddressSetPtr ccwaddrs = NULL; const char *type; int ret = -1; int rv; if (qemuAssignDeviceRNGAlias(vm->def, rng) < 0) - return -1; + goto cleanup; /* preallocate space for the device definition */ if (VIR_REALLOC_N(vm->def->rngs, vm->def->nrngs + 1) < 0) - return -1; + goto cleanup; if (rng->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) { if (qemuDomainMachineIsS390CCW(vm->def) && @@ -1881,14 +1885,14 @@ qemuDomainAttachRNGDevice(virQEMUDriverPtr driver, } else { if (!qemuCheckCCWS390AddressSupport(vm->def, rng->info, priv->qemuCaps, rng->source.file)) - return -1; + goto cleanup; } releaseaddr = true; if (rng->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE || rng->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) { if (virDomainPCIAddressEnsureAddr(priv->pciaddrs, &rng->info) < 0) - return -1; + goto cleanup; } else if (rng->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_CCW) { if (!(ccwaddrs = qemuDomainCCWAddrSetCreateFromDomain(vm->def))) goto cleanup; @@ -1910,8 +1914,22 @@ qemuDomainAttachRNGDevice(virQEMUDriverPtr driver, if (!(charAlias = qemuAliasChardevFromDevAlias(rng->info.alias))) goto cleanup; + if (rng->backend == VIR_DOMAIN_RNG_BACKEND_EGD && + qemuDomainGetChardevTLSObjects(cfg, priv, rng->source.chardev, + charAlias, &tlsProps, &tlsAlias) < 0) + goto cleanup; + qemuDomainObjEnterMonitor(driver, vm); + if (tlsAlias) { + rv = qemuMonitorAddObject(priv->mon, "tls-creds-x509", + tlsAlias, tlsProps); + tlsProps = NULL; /* qemuMonitorAddObject consumes */ + if (rv < 0) + goto exit_monitor; + tlsobjAdded = true; + } + if (rng->backend == VIR_DOMAIN_RNG_BACKEND_EGD && qemuMonitorAttachCharDev(priv->mon, charAlias, rng->source.chardev) < 0) @@ -1939,17 +1957,22 @@ qemuDomainAttachRNGDevice(virQEMUDriverPtr driver, audit: virDomainAuditRNG(vm, NULL, rng, "attach", ret == 0); cleanup: + virJSONValueFree(tlsProps); virJSONValueFree(props); if (ret < 0 && releaseaddr) qemuDomainReleaseDeviceAddress(vm, &rng->info, NULL); + VIR_FREE(tlsAlias); VIR_FREE(charAlias); VIR_FREE(objAlias); VIR_FREE(devstr); virDomainCCWAddressSetFree(ccwaddrs); + virObjectUnref(cfg); return ret; exit_monitor: orig_err = virSaveLastError(); + if (tlsobjAdded) + ignore_value(qemuMonitorDelObject(priv->mon, tlsAlias)); if (objAdded) ignore_value(qemuMonitorDelObject(priv->mon, objAlias)); if (rng->backend == VIR_DOMAIN_RNG_BACKEND_EGD && chardevAdded) -- 2.39.5