File fceeeda2-qemu-secinfo-hotplug-disk.patch of Package libvirt

commit fceeeda2115bcb86b992c4add38704a886c099c8
Author: John Ferlan <jferlan@redhat.com>
Date:   Wed Jun 22 07:07:49 2016 -0400

    qemu: Add secinfo for hotplug virtio disk
    
    Commit id 'a1344f70a' added AES secret processing for RBD when starting
    up a guest. As such, when the hotplug code calls qemuDomainSecretDiskPrepare
    an AES secret could be added to the disk about to be hotplugged. If an AES
    secret was added, then the hotplug code would need to generate the secret
    object because qemuBuildDriveStr would add the "password-secret=" to the
    returned 'driveStr' rather than the base64 encoded password.
    
    Signed-off-by: John Ferlan <jferlan@redhat.com>

Index: libvirt-2.0.0/src/qemu/qemu_hotplug.c
===================================================================
--- libvirt-2.0.0.orig/src/qemu/qemu_hotplug.c
+++ libvirt-2.0.0/src/qemu/qemu_hotplug.c
@@ -302,6 +302,7 @@ qemuDomainAttachVirtioDiskDevice(virConn
                                  virDomainDiskDefPtr disk)
 {
     int ret = -1;
+    int rv;
     qemuDomainObjPrivatePtr priv = vm->privateData;
     virErrorPtr orig_err;
     char *devstr = NULL;
@@ -309,8 +310,12 @@ qemuDomainAttachVirtioDiskDevice(virConn
     char *drivealias = NULL;
     bool releaseaddr = false;
     bool driveAdded = false;
+    bool secobjAdded = false;
     virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
     const char *src = virDomainDiskGetSource(disk);
+    virJSONValuePtr secobjProps = NULL;
+    qemuDomainDiskPrivatePtr diskPriv;
+    qemuDomainSecretInfoPtr secinfo;
 
     if (!disk->info.type) {
         if (qemuDomainMachineIsS390CCW(vm->def) &&
@@ -343,6 +348,13 @@ qemuDomainAttachVirtioDiskDevice(virConn
     if (qemuDomainSecretDiskPrepare(conn, priv, disk) < 0)
         goto error;
 
+    diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
+    secinfo = diskPriv->secinfo;
+    if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES) {
+        if (qemuBuildSecretInfoProps(secinfo, &secobjProps) < 0)
+            goto error;
+    }
+
     if (!(drivestr = qemuBuildDriveStr(disk, false, priv->qemuCaps)))
         goto error;
 
@@ -357,6 +369,15 @@ qemuDomainAttachVirtioDiskDevice(virConn
 
     qemuDomainObjEnterMonitor(driver, vm);
 
+    if (secobjProps) {
+        rv = qemuMonitorAddObject(priv->mon, "secret", secinfo->s.aes.alias,
+                                  secobjProps);
+        secobjProps = NULL; /* qemuMonitorAddObject consumes */
+        if (rv < 0)
+            goto exit_monitor;
+    }
+    secobjAdded = true;
+
     if (qemuMonitorAddDrive(priv->mon, drivestr) < 0)
         goto exit_monitor;
     driveAdded = true;
@@ -375,6 +396,7 @@ qemuDomainAttachVirtioDiskDevice(virConn
     ret = 0;
 
  cleanup:
+    virJSONValueFree(secobjProps);
     qemuDomainSecretDiskDestroy(disk);
     VIR_FREE(devstr);
     VIR_FREE(drivestr);
@@ -388,10 +410,13 @@ qemuDomainAttachVirtioDiskDevice(virConn
         VIR_WARN("Unable to remove drive %s (%s) after failed "
                  "qemuMonitorAddDevice", drivealias, drivestr);
     }
+    if (secobjAdded)
+        ignore_value(qemuMonitorDelObject(priv->mon, secinfo->s.aes.alias));
     if (orig_err) {
         virSetError(orig_err);
         virFreeError(orig_err);
     }
+
     if (qemuDomainObjExitMonitor(driver, vm) < 0)
         releaseaddr = false;
 
@@ -2806,6 +2831,7 @@ qemuDomainRemoveDiskDevice(virQEMUDriver
     const char *src = virDomainDiskGetSource(disk);
     qemuDomainObjPrivatePtr priv = vm->privateData;
     char *drivestr;
+    char *objAlias = NULL;
 
     VIR_DEBUG("Removing disk %s from domain %p %s",
               disk->info.alias, vm, vm->def->name);
@@ -2816,7 +2842,27 @@ qemuDomainRemoveDiskDevice(virQEMUDriver
                     QEMU_DRIVE_HOST_PREFIX, disk->info.alias) < 0)
         return -1;
 
+    /* Let's look for some markers for a secret object and create an alias
+     * object to be used to attempt to delete the object that was created.
+     * We cannot just use the disk private secret info since it would have
+     * been removed during cleanup of qemuProcessLaunch. Likewise, libvirtd
+     * restart wouldn't have them, so no assumption can be made. */
+    if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
+        qemuDomainSecretDiskCapable(disk->src)) {
+
+        if (!(objAlias = qemuDomainGetSecretAESAlias(disk->info.alias))) {
+            VIR_FREE(drivestr);
+            return -1;
+        }
+    }
+
     qemuDomainObjEnterMonitor(driver, vm);
+
+    /* If it fails, then so be it - it was a best shot */
+    if (objAlias)
+        ignore_value(qemuMonitorDelObject(priv->mon, objAlias));
+    VIR_FREE(objAlias);
+
     qemuMonitorDriveDel(priv->mon, drivestr);
     VIR_FREE(drivestr);
     if (qemuDomainObjExitMonitor(driver, vm) < 0)