From 3e6839d4e801cdcc9d49cd9e4bf83a3694b2a273 Mon Sep 17 00:00:00 2001
From: Michal Privoznik
Date: Fri, 20 Jan 2017 10:06:39 +0100
Subject: [PATCH] qemuSecurityRestoreAllLabel: Don't use transactions
Because of the nature of security driver transactions, it is impossible to use them properly. The thing is, transactions enter the domain namespace and commit all the seclabel changes. However, in RestoreAllLabel() this is impossible - the qemu process, the only process running in the namespace, is gone. And thus is the namespace. Therefore we shouldn't use the transactions as there is no namespace to enter.
Signed-off-by: Michal Privoznik
---
 src/qemu/qemu_security.c | 25 +++++++++----------------
 1 file changed, 9 insertions(+), 16 deletions(-)
diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c
index 544feeb4ae..13d99cdbd4 100644
--- a/src/qemu/qemu_security.c
+++ b/src/qemu/qemu_security.c
@@ -73,22 +73,15 @@ qemuSecurityRestoreAllLabel(virQEMUDriverPtr driver,
 virDomainObjPtr vm,
 bool migrated)
 {
- if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) &&
- virSecurityManagerTransactionStart(driver->securityManager) < 0)
- goto cleanup;
-
- if (virSecurityManagerRestoreAllLabel(driver->securityManager,
- vm->def,
- migrated) < 0)
- goto cleanup;
-
- if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT) &&
- virSecurityManagerTransactionCommit(driver->securityManager,
- vm->pid) < 0)
- goto cleanup;
-
- cleanup:
- virSecurityManagerTransactionAbort(driver->securityManager);
+ /* In contrast to qemuSecuritySetAllLabel, do not use
+ * secdriver transactions here. This function is called from
+ * qemuProcessStop() which is meant to do cleanup after qemu
+ * process died. If it did do, the namespace is gone as qemu
+ * was the only process running there. We would not succeed
+ * in entering the namespace then. */
+ virSecurityManagerRestoreAllLabel(driver->securityManager,
+ vm->def,
+ migrated);
 }
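Review bot: The result of `virSecurityManagerRestoreAllLabel()` is now dropped with no check and nothing marking the call as deliberately best-effort, so a failed restore during cleanup is silent at this level and could presumably leave host files carrying the dead domain's label. The removed code did not propagate the failure either (it only jumped to `cleanup`), so this is about making the intent explicit, not a regression. I would wrap the call as `ignore_value(virSecurityManagerRestoreAllLabel(driver->securityManager, vm->def, migrated));` and extend the comment with `Failures are not fatal here; the security driver is expected to report them.`, or emit a warning on `< 0` if the callee does not already log. The new comment explains why the namespace cannot be entered, but not whether labels that qemuSecuritySetAllLabel applied inside the domain's mount namespace have a host-side counterpart that needs restoring, which is worth a sentence once confirmed. The function's signature begins above this hunk.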