qemu: Use correct permissions when determining the image chain
authorPeter Krempa <pkrempa@redhat.com>
Fri, 7 Feb 2014 17:42:27 +0000 (18:42 +0100)
committerPeter Krempa <pkrempa@redhat.com>
Mon, 10 Feb 2014 14:49:59 +0000 (15:49 +0100)
The code took into account only the global permissions. The domains now
support per-vm DAC labels and per-image DAC labels. Use the most
specific label available.

src/qemu/qemu_domain.c
src/qemu/qemu_domain.h
src/qemu/qemu_driver.c
src/qemu/qemu_hotplug.c
src/qemu/qemu_process.c

index c947e2e956f36458834e841f696286b220fe2929..a6650612eb1cf88a925567222db752522e3f744c 100644 (file)
@@ -2210,7 +2210,7 @@ qemuDomainCheckDiskPresence(virQEMUDriverPtr driver,
         if (!disk->src)
             continue;
 
-        if (qemuDomainDetermineDiskChain(driver, disk, false) >= 0 &&
+        if (qemuDomainDetermineDiskChain(driver, vm, disk, false) >= 0 &&
             qemuDiskChainCheckBroken(disk) >= 0)
             continue;
 
@@ -2319,13 +2319,46 @@ qemuDiskChainCheckBroken(virDomainDiskDefPtr disk)
     return 0;
 }
 
+static void
+qemuDomainGetImageIds(virQEMUDriverConfigPtr cfg,
+                      virDomainObjPtr vm,
+                      virDomainDiskDefPtr disk,
+                      uid_t *uid, gid_t *gid)
+{
+    virSecurityLabelDefPtr vmlabel;
+    virSecurityDeviceLabelDefPtr disklabel;
+
+    if (uid)
+        *uid = -1;
+    if (gid)
+        *gid = -1;
+
+    if (cfg) {
+        if (uid)
+            *uid = cfg->user;
+
+        if (gid)
+            *gid = cfg->group;
+    }
+
+    if (vm && (vmlabel = virDomainDefGetSecurityLabelDef(vm->def, "dac")))
+        virParseOwnershipIds(vmlabel->label, uid, gid);
+
+    if ((disklabel = virDomainDiskDefGetSecurityLabelDef(disk, "dac")))
+        virParseOwnershipIds(disklabel->label, uid, gid);
+}
+
+
 int
 qemuDomainDetermineDiskChain(virQEMUDriverPtr driver,
+                             virDomainObjPtr vm,
                              virDomainDiskDefPtr disk,
                              bool force)
 {
     virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
     int ret = 0;
+    uid_t uid;
+    gid_t gid;
 
     if (!disk->src ||
         disk->type == VIR_DOMAIN_DISK_TYPE_NETWORK ||
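Review bot: In `qemuDomainGetImageIds`, both `virParseOwnershipIds()` calls discard their result and receive `vmlabel->label` / `disklabel->label` without a NULL check. If a "dac" seclabel entry can exist without a label string (not visible in this hunk), the parser is handed NULL. If a label fails to parse, the image chain is silently probed with the less specific identity (the VM-wide label or the global `cfg->user`/`cfg->group`) instead of the one configured for the image. I would guard both conditions, e.g. `if ((disklabel = virDomainDiskDefGetSecurityLabelDef(disk, "dac")) && disklabel->label)`, and either have the helper return `int` so `qemuDomainDetermineDiskChain` can fail, or add a comment saying the fallback is deliberate. The helper would also benefit from a header comment giving the precedence (global config, then VM label, then disk label) and noting that `-1` is what remains when no source supplies an id; `qemuDomainDetermineDiskChain`'s body continues past the end of this hunk.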
@@ -2340,8 +2373,11 @@ qemuDomainDetermineDiskChain(virQEMUDriverPtr driver,
             goto cleanup;
         }
     }
+
+    qemuDomainGetImageIds(cfg, vm, disk, &uid, &gid);
+
     disk->backingChain = virStorageFileGetMetadata(disk->src, disk->format,
-                                                   cfg->user, cfg->group,
+                                                   uid, gid,
                                                    cfg->allowDiskFormatProbing);
     if (!disk->backingChain)
         ret = -1;
index 84624f9ac9e31d3049b5f799eb145262f0492dc9..3826d0ba85db4630b9afa45d9eed1a737384672e 100644 (file)
@@ -353,6 +353,7 @@ int qemuDomainCheckDiskPresence(virQEMUDriverPtr driver,
 int qemuDiskChainCheckBroken(virDomainDiskDefPtr disk);
 
 int qemuDomainDetermineDiskChain(virQEMUDriverPtr driver,
+                                 virDomainObjPtr vm,
                                  virDomainDiskDefPtr disk,
                                  bool force);
 
index 944facb58d337474ca1b36c5822db662bdb81c46..94844df9d10217956f2935f398fda1ed29ca415c 100644 (file)
@@ -6499,7 +6499,7 @@ qemuDomainChangeDiskMediaLive(virConnectPtr conn,
     if (qemuTranslateDiskSourcePool(conn, disk) < 0)
         goto end;
 
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0)
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0)
         goto end;
 
     if (qemuSetupDiskCgroup(vm, disk) < 0)
@@ -14632,7 +14632,7 @@ qemuDomainBlockPivot(virConnectPtr conn,
     disk->src = disk->mirror;
     disk->format = disk->mirrorFormat;
     disk->backingChain = NULL;
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0) {
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0) {
         disk->src = oldsrc;
         disk->format = oldformat;
         disk->backingChain = oldchain;
@@ -14983,7 +14983,7 @@ qemuDomainBlockCopy(virDomainObjPtr vm,
         goto endjob;
     }
 
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0)
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0)
         goto endjob;
 
     if ((flags & VIR_DOMAIN_BLOCK_REBASE_SHALLOW) &&
@@ -15190,7 +15190,7 @@ qemuDomainBlockCommit(virDomainPtr dom, const char *path, const char *base,
                        disk->dst);
         goto endjob;
     }
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0)
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0)
         goto endjob;
 
     if (!top) {
index 4a885d22ef8bbee6f390f9e7649dde4633a9b801..7066be69047aadc0e92192a6a2113a70a23b2ce9 100644 (file)
@@ -719,7 +719,7 @@ qemuDomainAttachDeviceDiskLive(virConnectPtr conn,
     if (qemuSetUnprivSGIO(dev) < 0)
         goto end;
 
-    if (qemuDomainDetermineDiskChain(driver, disk, false) < 0)
+    if (qemuDomainDetermineDiskChain(driver, vm, disk, false) < 0)
         goto end;
 
     if (qemuSetupDiskCgroup(vm, disk) < 0)
index 8bcd98e772de5845fc78418d40176bde470bb157..c1f60cd99c4c6ea1f805c713b216e46a4a442516 100644 (file)
@@ -997,7 +997,7 @@ qemuProcessHandleBlockJob(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
         if ((type == VIR_DOMAIN_BLOCK_JOB_TYPE_PULL ||
              type == VIR_DOMAIN_BLOCK_JOB_TYPE_COMMIT) &&
             status == VIR_DOMAIN_BLOCK_JOB_COMPLETED)
-            qemuDomainDetermineDiskChain(driver, disk, true);
+            qemuDomainDetermineDiskChain(driver, vm, disk, true);
         if (disk->mirror && type == VIR_DOMAIN_BLOCK_JOB_TYPE_COPY &&
             status == VIR_DOMAIN_BLOCK_JOB_READY)
             disk->mirroring = true;