Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2010-04-22 17:16:47 +0100
committerDaniel P. Berrange <berrange@redhat.com>2010-04-28 13:51:55 +0100
commit51cd0196e56dd5e6ca7c3e0840256c5be0fc8b4d (patch)
tree5782f887d56127ff555d301624199b4aee3cba83
parentFix QEMU domain save to block devices with cgroups enabled (diff)
downloadlibvirt-51cd0196e56dd5e6ca7c3e0840256c5be0fc8b4d.tar.gz
libvirt-51cd0196e56dd5e6ca7c3e0840256c5be0fc8b4d.tar.bz2
libvirt-51cd0196e56dd5e6ca7c3e0840256c5be0fc8b4d.zip
Fix handling of security driver restore failures in QEMU domain save
In cases where the security driver failed to restore a label after a guest has saved, we mistakenly jumped to the error cleanup paths. This is not good, because the operation has in fact completed and cannot be rolled back completely. Label restore is non-critical, so just log the problem instead. Also add a missing restore call in the error cleanup path * src/qemu/qemu_driver.c: Fix handling of security driver restore failures in QEMU domain save
Diffstat
-rw-r--r--src/qemu/qemu_driver.c48
1 files changed, 25 insertions, 23 deletions
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 9f7a19cd0..326cb584a 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -4976,16 +4976,13 @@ static int qemudDomainSaveFlag(virDomainPtr dom, const char *path,
driver->securityDriver &&
driver->securityDriver->domainRestoreSavedStateLabel &&
driver->securityDriver->domainRestoreSavedStateLabel(vm, path) == -1)
- goto endjob;
+ VIR_WARN("failed to restore save state label on %s", path);
if (cgroup != NULL) {
rc = virCgroupDenyDevicePath(cgroup, path);
- if (rc != 0) {
- virReportSystemError(-rc,
- _("Unable to deny device %s for %s"),
- path, vm->def->name);
- goto endjob;
- }
+ if (rc != 0)
+ VIR_WARN("Unable to deny device %s for %s %d",
+ path, vm->def->name, rc);
}
ret = 0;
@@ -5004,24 +5001,29 @@ static int qemudDomainSaveFlag(virDomainPtr dom, const char *path,
endjob:
if (vm) {
- if (ret != 0 && header.was_running && priv->mon) {
- qemuDomainObjEnterMonitorWithDriver(driver, vm);
- rc = qemuMonitorStartCPUs(priv->mon, dom->conn);
- qemuDomainObjExitMonitorWithDriver(driver, vm);
- if (rc < 0)
- VIR_WARN0("Unable to resume guest CPUs after save failure");
- else
- vm->state = VIR_DOMAIN_RUNNING;
- }
+ if (ret != 0) {
+ if (header.was_running && priv->mon) {
+ qemuDomainObjEnterMonitorWithDriver(driver, vm);
+ rc = qemuMonitorStartCPUs(priv->mon, dom->conn);
+ qemuDomainObjExitMonitorWithDriver(driver, vm);
+ if (rc < 0)
+ VIR_WARN0("Unable to resume guest CPUs after save failure");
+ else
+ vm->state = VIR_DOMAIN_RUNNING;
+ }
- if (ret != 0 && cgroup != NULL) {
- rc = virCgroupDenyDevicePath(cgroup, path);
- if (rc != 0) {
- virReportSystemError(-rc,
- _("Unable to deny device %s for %s"),
- path, vm->def->name);
- goto endjob;
+ if (cgroup != NULL) {
+ rc = virCgroupDenyDevicePath(cgroup, path);
+ if (rc != 0)
+ VIR_WARN("Unable to deny device %s for %s: %d",
+ path, vm->def->name, rc);
}
+
+ if ((!bypassSecurityDriver) &&
+ driver->securityDriver &&
+ driver->securityDriver->domainRestoreSavedStateLabel &&
+ driver->securityDriver->domainRestoreSavedStateLabel(vm, path) == -1)
+ VIR_WARN("failed to restore save state label on %s", path);
}
if (qemuDomainObjEndJob(vm) == 0)