File 29605313-qemuDomainSetLaunchSecurityState-nocache.patch of Package libvirt.29155
commit 29605313104a621de0a28322be95a0398f47d86e
Author: Ján Tomko <jtomko@redhat.com>
Date: Fri Jan 28 17:44:32 2022 +0100
qemu: qemuDomainSetLaunchSecurityState: do not lookup qemuCaps in cache
Any active domain has a copy in the privateData, filled in
qemuProcessInit.
Move the qemu capability check below the activeness check and remove
the extra lookup.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Index: libvirt-8.0.0/src/qemu/qemu_driver.c
===================================================================
--- libvirt-8.0.0.orig/src/qemu/qemu_driver.c
+++ libvirt-8.0.0/src/qemu/qemu_driver.c
@@ -19988,12 +19988,12 @@ qemuDomainSetLaunchSecurityState(virDoma
virDomainObj *vm;
int ret = -1;
int rc;
- g_autoptr(virQEMUCaps) qemucaps = NULL;
const char *secrethdr = NULL;
const char *secret = NULL;
unsigned long long setaddr = 0;
bool hasSetaddr = false;
int state;
+ qemuDomainObjPrivate *priv;
virCheckFlags(0, -1);
if (virTypedParamsValidate(params, nparams,
@@ -20009,6 +20009,8 @@ qemuDomainSetLaunchSecurityState(virDoma
if (!(vm = qemuDomainObjFromDomain(domain)))
goto cleanup;
+ priv = vm->privateData;
+
if (virDomainSetLaunchSecurityStateEnsureACL(domain->conn, vm->def) < 0)
goto cleanup;
@@ -20020,17 +20022,6 @@ qemuDomainSetLaunchSecurityState(virDoma
goto cleanup;
}
- if (!(qemucaps = virQEMUCapsCacheLookupDefault(driver->qemuCapsCache,
- NULL, NULL, NULL, NULL,
- NULL, NULL, NULL)))
- goto cleanup;
-
- if (!virQEMUCapsGet(qemucaps, QEMU_CAPS_SEV_INJECT_LAUNCH_SECRET)) {
- virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
- _("QEMU does not support setting a launch secret"));
- goto cleanup;
- }
-
if (virTypedParamsGetString(params, nparams,
VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEADER,
&secrethdr) < 0 ||
@@ -20063,6 +20054,12 @@ qemuDomainSetLaunchSecurityState(virDoma
goto endjob;
}
+ if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_SEV_INJECT_LAUNCH_SECRET)) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+ _("QEMU does not support setting a launch secret"));
+ goto endjob;
+ }
+
qemuDomainObjEnterMonitor(driver, vm);
rc = qemuMonitorSetLaunchSecurityState(QEMU_DOMAIN_PRIVATE(vm)->mon,
secrethdr, secret, setaddr, hasSetaddr);