NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

qemu: properly label outgoing pipe for tunneled migration

Browse Source 
Commit 3261761 made it possible to use pipes instead of sockets
for outgoing tunneled migration; however, it caused a regression
because the pipe was never given a SELinux label.

* src/qemu/qemu_migration.c (doTunnelMigrate): Label outgoing pipe.
This commit is contained in:
Eric Blake 2011-08-29 17:31:42 -06:00
parent bae460fc56
commit e6b8bc812a
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/qemu/qemu_migration.c
View File

@ -24,6 +24,7 @@
#include <sys/time.h> #include <sys/time.h>
#include <gnutls/gnutls.h> #include <gnutls/gnutls.h>
#include <gnutls/x509.h> #include <gnutls/x509.h>
#include <fcntl.h>
#include "qemu_migration.h" #include "qemu_migration.h"
#include "qemu_monitor.h" #include "qemu_monitor.h"
@ -1691,13 +1692,13 @@ static int doTunnelMigrate(struct qemud_driver *driver,
spec.dest.fd.qemu = -1; spec.dest.fd.qemu = -1;
spec.dest.fd.local = -1; spec.dest.fd.local = -1;
if (pipe(fds) == 0) { if (pipe2(fds, O_CLOEXEC) == 0) {
spec.dest.fd.qemu = fds[1]; spec.dest.fd.qemu = fds[1];
spec.dest.fd.local = fds[0]; spec.dest.fd.local = fds[0];
} }
if (spec.dest.fd.qemu == -1 || if (spec.dest.fd.qemu == -1 ||
virSetCloseExec(spec.dest.fd.qemu) < 0 || virSecurityManagerSetImageFDLabel(driver->securityManager, vm,
virSetCloseExec(spec.dest.fd.local) < 0) { spec.dest.fd.qemu) < 0) {
virReportSystemError(errno, "%s", virReportSystemError(errno, "%s",
_("cannot create pipe for tunnelled migration")); _("cannot create pipe for tunnelled migration"));
goto cleanup; goto cleanup;