From 3973d4dff1be9ae0a2f2615132a30b2b5bbed059 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Mon, 25 Mar 2019 17:02:44 +0100
Subject: [PATCH] qemu: Move image security metadata on snapshot activity
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/qemu/qemu_blockjob.c |  6 ++++++
 src/qemu/qemu_driver.c   | 18 ++++++++++++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_blockjob.c b/src/qemu/qemu_blockjob.c
index d7e1070c93..34a4047210 100644
--- a/src/qemu/qemu_blockjob.c
+++ b/src/qemu/qemu_blockjob.c
@@ -37,6 +37,7 @@
 #include "locking/domain_lock.h"
 #include "viralloc.h"
 #include "virstring.h"
+#include "qemu_security.h"
 
 #define VIR_FROM_THIS VIR_FROM_QEMU
 
@@ -275,6 +276,11 @@ qemuBlockJobEventProcessLegacyCompleted(virQEMUDriverPtr driver,
          * want to only revoke the non-shared portion of the chain); so for
          * now, we leak the access to the original.  */
         virDomainLockImageDetach(driver->lockManager, vm, disk->src);
+
+        /* Move secret driver metadata */
+        if (qemuSecurityMoveImageMetadata(driver, vm, disk->src, disk->mirror) < 0)
+            VIR_WARN("Unable to move disk metadata on vm %s", vm->def->name);
+
         virObjectUnref(disk->src);
         disk->src = disk->mirror;
     } else {
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index ef2e980216..acdd9c080f 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -15126,17 +15126,31 @@ qemuDomainSnapshotUpdateDiskSourcesRenumber(virStorageSourcePtr src)
 
 /**
  * qemuDomainSnapshotUpdateDiskSources:
+ * @driver: QEMU driver
+ * @vm: domain object
  * @dd: snapshot disk data object
  *
  * Updates disk definition after a successful snapshot.
  */
 static void
-qemuDomainSnapshotUpdateDiskSources(qemuDomainSnapshotDiskDataPtr dd)
+qemuDomainSnapshotUpdateDiskSources(virQEMUDriverPtr driver,
+                                    virDomainObjPtr vm,
+                                    qemuDomainSnapshotDiskDataPtr dd)
 {
+    if (!dd->src) {
+        /* Remove old metadata */
+        if (qemuSecurityMoveImageMetadata(driver, vm, dd->disk->src, NULL) < 0)
+            VIR_WARN("Unable to remove disk metadata on vm %s", vm->def->name);
+        return;
+    }
+
     /* storage driver access won'd be needed */
     if (dd->initialized)
         virStorageFileDeinit(dd->src);
 
+    if (qemuSecurityMoveImageMetadata(driver, vm, dd->disk->src, dd->src) < 0)
+        VIR_WARN("Unable to move disk metadata on vm %s", vm->def->name);
+
     /* the old disk image is now readonly */
     dd->disk->src->readonly = true;
 
@@ -15246,7 +15260,7 @@ qemuDomainSnapshotCreateDiskActive(virQEMUDriverPtr driver,
         virDomainAuditDisk(vm, dd->disk->src, dd->src, "snapshot", rc >= 0);
 
         if (rc == 0)
-            qemuDomainSnapshotUpdateDiskSources(dd);
+            qemuDomainSnapshotUpdateDiskSources(driver, vm, dd);
     }
 
     if (rc < 0)