render / rpms / libvirt

Forked from rpms/libvirt 10 months ago
Clone
Blob Blame History Raw
From d15d6fce9e34e3b7241ca1f61328fc301678a3c0 Mon Sep 17 00:00:00 2001
Message-Id: <d15d6fce9e34e3b7241ca1f61328fc301678a3c0@dist-git>
From: John Ferlan <jferlan@redhat.com>
Date: Wed, 17 Aug 2016 08:18:10 -0400
Subject: [PATCH] qemu: Fix the command line generation for rbd auth using aes
 secrets

https://bugzilla.redhat.com/show_bug.cgi?id=1182074

Since libvirt still uses a legacy qemu arg format to add a disk, the
manner in which the 'password-secret' argument is passed to qemu needs
to change to prepend a 'file.' If in the future, usage of the more
modern disk format, then the prepended 'file.' can be removed.

Fix based on Jim Fehlig <jfehlig@suse.com> posting and subsequent
upstream list followups, see:

http://www.redhat.com/archives/libvir-list/2016-August/msg00777.html

for details. Introduced by commit id 'a1344f70'.

(cherry picked from commit d53d465083edeb64cc7b78249c030734c0d91c6b)

Resolved "conflict" in the .args file since upstream commit id '4808ebde'
to alter the max length of .args output line length isn't present.

Signed-off-by: John Ferlan <jferlan@redhat.com>
---
 src/qemu/qemu_command.c                                            | 7 ++++++-
 .../qemuxml2argv-disk-drive-network-rbd-auth-AES.args              | 3 ++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 4ce86bb..a001d2c 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1296,7 +1296,12 @@ qemuBuildDriveSourceStr(virDomainDiskDefPtr disk,
     virBufferAddLit(buf, ",");
 
     if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES) {
-        virBufferAsprintf(buf, "password-secret=%s,",
+        /* NB: If libvirt starts using the more modern option based
+         *     syntax to build the command line (e.g., "-drive driver=rbd,
+         *     filename=%s,...") instead of the legacy model (e.g."-drive
+         *     file=%s,..."), then the "file." prefix can be removed
+         */
+        virBufferAsprintf(buf, "file.password-secret=%s,",
                           secinfo->s.aes.alias);
     }
 
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
index 7100d2d..8312d3d 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
@@ -26,6 +26,7 @@ data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -drive 'file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\
 mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:6322,\
-password-secret=virtio-disk0-secret0,format=raw,if=none,id=drive-virtio-disk0' \
+file.password-secret=virtio-disk0-secret0,format=raw,if=none,\
+id=drive-virtio-disk0' \
 -device virtio-blk-pci,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,\
 id=virtio-disk0
-- 
2.9.2