From d53d465083edeb64cc7b78249c030734c0d91c6b Mon Sep 17 00:00:00 2001 From: John Ferlan Date: Tue, 16 Aug 2016 16:50:15 -0400 Subject: [PATCH] qemu: Fix the command line generation for rbd auth using aes secrets https://bugzilla.redhat.com/show_bug.cgi?id=1182074 Since libvirt still uses a legacy qemu arg format to add a disk, the manner in which the 'password-secret' argument is passed to qemu needs to change to prepend a 'file.' If in the future, usage of the more modern disk format, then the prepended 'file.' can be removed. Fix based on Jim Fehlig posting and subsequent upstream list followups, see: http://www.redhat.com/archives/libvir-list/2016-August/msg00777.html for details. Introduced by commit id 'a1344f70'. --- src/qemu/qemu_command.c | 7 ++++++- .../qemuxml2argv-disk-drive-network-rbd-auth-AES.args | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index ebedaef8fb..a6dea6a5e9 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -1287,7 +1287,12 @@ qemuBuildDriveSourceStr(virDomainDiskDefPtr disk, virBufferAddLit(buf, ","); if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES) { - virBufferAsprintf(buf, "password-secret=%s,", + /* NB: If libvirt starts using the more modern option based + * syntax to build the command line (e.g., "-drive driver=rbd, + * filename=%s,...") instead of the legacy model (e.g."-drive + * file=%s,..."), then the "file." prefix can be removed + */ + virBufferAsprintf(buf, "file.password-secret=%s,", secinfo->s.aes.alias); } diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args index 5034bb7ab1..07d01b6ee7 100644 --- a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args @@ -26,7 +26,7 @@ data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \ -drive 'file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\ mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:\ -6322,password-secret=virtio-disk0-secret0,format=raw,if=none,\ +6322,file.password-secret=virtio-disk0-secret0,format=raw,if=none,\ id=drive-virtio-disk0' \ -device virtio-blk-pci,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,\ id=virtio-disk0