From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641528; cv=none; d=zohomail.com; s=zohoarc; b=ONdDN4GscERYIYYV+ISen5AZWactE/8ozbN1JFkqbkr4EbdTb0n0foCVF4PrVMfmveGVhiyxpp07fHFZeqg7oWiSk3s0fF3pKJWxTilA3uuzjRrAjt95UJghtd0PZjwNmxbpULoWyKWZLj/+fCyRLjEfjT42vlBRkZTNU61EHQU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641528; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=n6mY9xR/lcoLsmlYqbf3ceKu3Ckdc/Z55pWKMGwvIdk=; b=LnIv+s8NH9vHhlaHSFilsr3IWfG7gc/glHldbhmxfr1PmGSD7KnCa0htUieiEVclC9blgdE6bD3hCFVJNbEqLLENq5jyU9XJPV7GcYVudTtbNQSwsks27GqHvLcZhC4ZILCvtpRFtwP7ae5l/nX0lSC9Vv73DFU3uqHfintpMu0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1650641528947199.3363919825282; Fri, 22 Apr 2022 08:32:08 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-371-y_sT5Gl-MBKjz5J-rf2EdQ-1; Fri, 22 Apr 2022 11:32:04 -0400 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C7537383A5EA; Fri, 22 Apr 2022 15:31:59 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id B1E885523DB; Fri, 22 Apr 2022 15:31:59 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 810DD1940361; Fri, 22 Apr 2022 15:31:58 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 441851940356 for ; Fri, 22 Apr 2022 15:31:58 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 28F9A416362; Fri, 22 Apr 2022 15:31:58 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id A78EF416158 for ; Fri, 22 Apr 2022 15:31:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641527; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=n6mY9xR/lcoLsmlYqbf3ceKu3Ckdc/Z55pWKMGwvIdk=; b=fZ5+il+MXBZEDslDGniVDwDTaxxPqK0Eyb78yK701VnJOmXpMLUIFXWJgz9bpMVzJnanyD 9CzMOR8Mg+xOfZLCALd2qrS5aQd+qeRkXKdSHpLdeq66ALFl6r6x3mIWxsKZ4RyyeYU9Rz ltKvLBmzkLIF0yarH1DfQSxbHtAb4o0= X-MC-Unique: y_sT5Gl-MBKjz5J-rf2EdQ-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 01/11] conf: schema: Fix alignment in 'diskSourceNetworkProtocolHTTPS' schema definition Date: Fri, 22 Apr 2022 17:31:45 +0200 Message-Id: <6dc32279c4da1a23dfbbd2055fffa1e21e2d7de0.1650641396.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641586692100001 Content-Type: text/plain; charset="utf-8" Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/conf/schemas/domaincommon.rng | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom= mon.rng index c0c14fe558..bf4d6e4b6f 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -1995,7 +1995,7 @@ - + --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641531; cv=none; d=zohomail.com; s=zohoarc; b=YFvqYK2tWpuu0R5C8jHQsdEHULEoLNs08/bVSXFyx7yIqLIekHG6xL1obryAsAe/EP2F94lgDQCQZZ9inh0CVhqneJ0wFTy65CnUuE9xJsD5zvwOOZOxR0ZaG9dsAE0CbxXFJzKEERCjfrMjGsU8NVlTfDdud8PHRieh5p237ak= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641531; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=PQ+/517tFAhp12sX+RCctr+CzgN/3FbccCwRolDKVdY=; b=hPtbfg8ElpV4ewmNvqNgh2TE9WGc7g9bHyqt2O/7KJhiWEpEcmeX+miUlGLqqCRjUElxjtNTd8m27sFiQThKkIqxJkKhzTfvUxA8XmIqWJxdU1fEeY8Ypax/k6k1Viufsf/KjMscACNID54opY0CGKqqyq9INsyIiz8z4E9Q1kI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1650641531777671.9050975508317; Fri, 22 Apr 2022 08:32:11 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-25-6GO1jA2yOHOB2EJBdxNdvg-1; Fri, 22 Apr 2022 11:32:03 -0400 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3E0C73C21F9E; Fri, 22 Apr 2022 15:32:00 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2C23B5523E6; Fri, 22 Apr 2022 15:32:00 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id C27ED1940355; Fri, 22 Apr 2022 15:31:59 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 31A7D1940352 for ; Fri, 22 Apr 2022 15:31:59 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 1390B416363; Fri, 22 Apr 2022 15:31:59 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 83357401475 for ; Fri, 22 Apr 2022 15:31:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641530; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=PQ+/517tFAhp12sX+RCctr+CzgN/3FbccCwRolDKVdY=; b=iJLI1I7dyJpLBIDrfPuQ7fooyB2jcYFqfVWURkn8Zdc4XNVLOZ0lc3ymLXaFIeXXyn4qtB GIFRGtKr+dxUrr6gZUP5bYVlJF2QEbWorFWkNfxs+NdV63f2otUloIJ9Olw7rCULbH3iRP rpsdQhj/pur+69763wbzwym2gnYVdds= X-MC-Unique: 6GO1jA2yOHOB2EJBdxNdvg-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 02/11] qemuDomainValidateStorageSource: Reorganize encryption config validation Date: Fri, 22 Apr 2022 17:31:46 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641594597100001 Content-Type: text/plain; charset="utf-8" Move the two ad-hoc checks below into the block which already tests whether encryption is requested. If we first disallow the old-style qcow2 encryption we can remove a whole block of validation later on. Also the capability check for qcow2+luks can be simplified by moving it into the same block. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_domain.c | 55 +++++++++++++----------------------------- 1 file changed, 17 insertions(+), 38 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 00c209313b..f3d9b2e48e 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4821,25 +4821,6 @@ qemuDomainValidateStorageSource(virStorageSource *sr= c, return -1; } - if ((src->format =3D=3D VIR_STORAGE_FILE_QCOW || - src->format =3D=3D VIR_STORAGE_FILE_QCOW2) && - src->encryption && - (src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_DEFA= ULT || - src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_QCOW= )) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("old qcow/qcow2 encryption is not supported")= ); - return -1; - } - - if (src->format =3D=3D VIR_STORAGE_FILE_QCOW2 && - src->encryption && - src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_LUKS = && - !virQEMUCapsGet(qemuCaps, QEMU_CAPS_QCOW2_LUKS)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("LUKS encrypted QCOW2 images are not supported by= this QEMU")); - return -1; - } - if (src->format =3D=3D VIR_STORAGE_FILE_FAT && actualType !=3D VIR_STORAGE_TYPE_VOLUME && actualType !=3D VIR_STORAGE_TYPE_DIR) { @@ -5019,6 +5000,13 @@ qemuDomainValidateStorageSource(virStorageSource *sr= c, } if (src->encryption) { + if (src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_D= EFAULT || + src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_Q= COW) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("old qcow/qcow2 encryption is not supported")= ); + return -1; + } + switch (src->encryption->engine) { case VIR_STORAGE_ENCRYPTION_ENGINE_QEMU: switch ((virStorageEncryptionFormatType) src->encryption->= format) { @@ -5040,38 +5028,29 @@ qemuDomainValidateStorageSource(virStorageSource *s= rc, } break; + case VIR_STORAGE_ENCRYPTION_ENGINE_LIBRBD: if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_RBD_ENCRYPTION)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("librbd encryption is not supported b= y this QEMU binary")); return -1; } - - switch ((virStorageEncryptionFormatType) src->encryption->= format) { - case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS: - case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2: - break; - - case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW: - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("librbd encryption engine only su= pports luks/luks2 formats")); - return -1; - - case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT: - case VIR_STORAGE_ENCRYPTION_FORMAT_LAST: - default: - virReportEnumRangeError(virStorageEncryptionFormat= Type, - src->encryption->format); - return -1; - } - break; + case VIR_STORAGE_ENCRYPTION_ENGINE_DEFAULT: case VIR_STORAGE_ENCRYPTION_ENGINE_LAST: virReportEnumRangeError(virStorageEncryptionEngine, src->encryption->engine); return -1; } + + if (src->format =3D=3D VIR_STORAGE_FILE_QCOW2 && + src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_L= UKS && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_QCOW2_LUKS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("LUKS encrypted QCOW2 images are not supporte= d by this QEMU")); + return -1; + } } if (src->tlsHostname) { --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641528; cv=none; d=zohomail.com; s=zohoarc; b=BCsuugfr0c/hTcIGjRGr2RXq7I7zggaLBy2FBI5kYaQ3mQZnwrhC6wOGtZQBgyYpVHc/iNoQ6F7gE1s1q9jK1xYF+fh7HsFdjEnlCpMg7aiZA3bhi3ceI2lGbB0OgaPXg9xnLIpHjdJblZhUjOIpjqWYxvyE0JHsHFtdIZiuOPs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641528; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ff0SVN5Ei+wqfKahZJ1zqLH1hzey9td00MrKWcyruJo=; b=ZiC2/H5iyJu9qkaVgNiEEErRuG0bibNH5uDhlps4KmSEHQhEIC2Cdb/2oGGbSs7w/b76AgB3W8K6fdVk573nERCnRXptZCeuNbHbVFJx7qNfv5whl9UEpoF4aQdxRazMXCiDHKmo28Aj+30jLOk+oTF2Pi+6xkibCyqrx05ldjI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1650641528072996.3659261589746; Fri, 22 Apr 2022 08:32:08 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-190-mywLG--APLaqc8HFRrBeFA-1; Fri, 22 Apr 2022 11:32:05 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 8D2C8185A7A4; Fri, 22 Apr 2022 15:32:02 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7461440D0174; Fri, 22 Apr 2022 15:32:02 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 18EDF194035C; Fri, 22 Apr 2022 15:32:02 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 09C2D194036E for ; Fri, 22 Apr 2022 15:32:00 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id DEEB3416362; Fri, 22 Apr 2022 15:31:59 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6B0AB416158 for ; Fri, 22 Apr 2022 15:31:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641527; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=ff0SVN5Ei+wqfKahZJ1zqLH1hzey9td00MrKWcyruJo=; b=KLqey+clkWG68KQni+0D0tkuFWYWYCzhg9HMZJYFVb5jCx9N0LmB8q5DKGlAw8PdxeMO0N liNptxIz+UnLScU8RG1cZLDGQuISjTQmh4s5jiMKzAG+9pnUutnUtelwH3KZLHSmTeNf0p CrXrsQP2ecauPDhXWSUwlkTGZB1hRAI= X-MC-Unique: mywLG--APLaqc8HFRrBeFA-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 03/11] qemuDomainValidateStorageSource: Add validation of 'encryption' support Date: Fri, 22 Apr 2022 17:31:47 +0200 Message-Id: <4cb3f60513165cbb833341eae2528f459e4ef3bb.1650641396.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.1 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641574705100001 Content-Type: text/plain; charset="utf-8" Reject encryption requests for unsupported image format types. Add negative test for the rejected cases as well as modify 'disk-network-rbd-encryption' case to validate that with librbd encryption the format doesn matter. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_domain.c | 13 +++++++ .../disk-encryption-wrong.x86_64-latest.err | 1 + .../disk-encryption-wrong.xml | 37 +++++++++++++++++++ ...-network-rbd-encryption.x86_64-latest.args | 2 +- .../disk-network-rbd-encryption.xml | 2 +- tests/qemuxml2argvtest.c | 1 + ...k-network-rbd-encryption.x86_64-latest.xml | 2 +- 7 files changed, 55 insertions(+), 3 deletions(-) create mode 100644 tests/qemuxml2argvdata/disk-encryption-wrong.x86_64-lat= est.err create mode 100644 tests/qemuxml2argvdata/disk-encryption-wrong.xml diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index f3d9b2e48e..b5abf99951 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -5012,6 +5012,12 @@ qemuDomainValidateStorageSource(virStorageSource *sr= c, switch ((virStorageEncryptionFormatType) src->encryption->= format) { case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS: case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW: + if (src->format !=3D VIR_STORAGE_FILE_QCOW2 && + src->format !=3D VIR_STORAGE_FILE_RAW) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s= ", + _("encryption is supported only= with 'raw' and 'qcow2' image format")); + return -1; + } break; case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2: @@ -5035,6 +5041,13 @@ qemuDomainValidateStorageSource(virStorageSource *sr= c, _("librbd encryption is not supported b= y this QEMU binary")); return -1; } + + if (actualType !=3D VIR_STORAGE_TYPE_NETWORK && + src->protocol !=3D VIR_STORAGE_NET_PROTOCOL_RBD) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("librbd encryption is supported only = with RBD backed disks")); + return -1; + } break; case VIR_STORAGE_ENCRYPTION_ENGINE_DEFAULT: diff --git a/tests/qemuxml2argvdata/disk-encryption-wrong.x86_64-latest.err= b/tests/qemuxml2argvdata/disk-encryption-wrong.x86_64-latest.err new file mode 100644 index 0000000000..e52340be07 --- /dev/null +++ b/tests/qemuxml2argvdata/disk-encryption-wrong.x86_64-latest.err @@ -0,0 +1 @@ +unsupported configuration: encryption is supported only with 'raw' and 'qc= ow2' image format diff --git a/tests/qemuxml2argvdata/disk-encryption-wrong.xml b/tests/qemux= ml2argvdata/disk-encryption-wrong.xml new file mode 100644 index 0000000000..d0671721f7 --- /dev/null +++ b/tests/qemuxml2argvdata/disk-encryption-wrong.xml @@ -0,0 +1,37 @@ + + encryptdisk + 496898a6-e6ff-f7c8-5dc2-3cf410945ee9 + 1048576 + 524288 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + + +
+ + +
+ + + + + +
+ + + diff --git a/tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-late= st.args b/tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-latest.= args index 2de29d8174..d5712cb0ba 100644 --- a/tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-latest.args +++ b/tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-latest.args @@ -42,7 +42,7 @@ XDG_CONFIG_HOME=3D/tmp/lib/domain--1-encryptdisk/.config \ -device '{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x5","drive":"li= bvirt-2-format","id":"virtio-disk2"}' \ -object '{"qom-type":"secret","id":"libvirt-1-format-encryption-secret0","= data":"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","k= eyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw=3D=3D","format":"base64"}' \ -blockdev '{"driver":"rbd","pool":"pool","image":"image2","server":[{"host= ":"mon1.example.org","port":"6321"},{"host":"mon2.example.org","port":"6322= "},{"host":"mon3.example.org","port":"6322"}],"encrypt":{"format":"luks2","= key-secret":"libvirt-1-format-encryption-secret0"},"node-name":"libvirt-1-s= torage","auto-read-only":true,"discard":"unmap"}' \ --blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw= ","file":"libvirt-1-storage"}' \ +-blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"vmd= k","file":"libvirt-1-storage"}' \ -device '{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x6","drive":"li= bvirt-1-format","id":"virtio-disk3"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","add= r":"0x3"}' \ diff --git a/tests/qemuxml2argvdata/disk-network-rbd-encryption.xml b/tests= /qemuxml2argvdata/disk-network-rbd-encryption.xml index eeadbfeeba..d1fcf2da61 100644 --- a/tests/qemuxml2argvdata/disk-network-rbd-encryption.xml +++ b/tests/qemuxml2argvdata/disk-network-rbd-encryption.xml @@ -51,7 +51,7 @@ - + diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 41fd032f19..1f080daba7 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1374,6 +1374,7 @@ mymain(void) DO_TEST_CAPS_LATEST("disk-network-rbd"); DO_TEST_CAPS_VER_PARSE_ERROR("disk-network-rbd-encryption", "6.0.0"); DO_TEST_CAPS_LATEST("disk-network-rbd-encryption"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("disk-encryption-wrong"); DO_TEST_CAPS_VER_FAILURE("disk-network-rbd-no-colon", "4.1.0"); DO_TEST_CAPS_LATEST("disk-network-rbd-no-colon"); DO_TEST_CAPS_VER("disk-network-sheepdog", "4.1.0"); diff --git a/tests/qemuxml2xmloutdata/disk-network-rbd-encryption.x86_64-la= test.xml b/tests/qemuxml2xmloutdata/disk-network-rbd-encryption.x86_64-late= st.xml index a91504202a..99bba52db5 100644 --- a/tests/qemuxml2xmloutdata/disk-network-rbd-encryption.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/disk-network-rbd-encryption.x86_64-latest.xml @@ -57,7 +57,7 @@
- + --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641584; cv=none; d=zohomail.com; s=zohoarc; b=gIGwtkMLtpgK9IYHoGvS2ZxYU56hrvCwKtpC0E+bs0ApOUjzFe9y9jM0c+zlyu5U0K+wV0j5DfZtwKGcEvW08MY47UXJoFFkdvdlR9vR64aG+wTMgaBzK3nt/dheu9kAP++H3kCloSbJQboR/G1aBdsgknlpZfbt9Iz3L+Vq5Vc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641584; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=NZlfuApcUy8WPGZk8pP/5pKkxW6hY/bAoQW3OiU2rCc=; b=blmb+EUJnB0GyfDCui/MrFx86kr/m+qtsV6Amumr0UvPI557b8Fe7hrviRQ4Xt7GgqUiHMkZitnoyN3+ZfeIfiJtheQy5OsNYQN4hYR4K5iOJ+1oC0gS/93Whsq2+wTTyuq9R7yKxVckVsjewkNRCCBOrQyHUO/lNS7VyrkqIVg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1650641584038950.183556774498; Fri, 22 Apr 2022 08:33:04 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-301-KR92jnTYNS-hM_apXRnQPA-1; Fri, 22 Apr 2022 11:32:09 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 62CD12811806; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4669740EC01E; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id B3CD91940356; Fri, 22 Apr 2022 15:32:04 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id D78A71940351 for ; Fri, 22 Apr 2022 15:32:00 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id B81B1401475; Fri, 22 Apr 2022 15:32:00 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3C6B7416362 for ; Fri, 22 Apr 2022 15:32:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641582; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=NZlfuApcUy8WPGZk8pP/5pKkxW6hY/bAoQW3OiU2rCc=; b=PuN2Fjjss05eSXVw7rAhshP10itw8qi5zu8/UrEEJpUyPEqcDwV7Wbinn5vj0AzwylQUh6 N49hGy+nrdu5taxUVyaHqTL2+ucchDonmDewmwYKP8oXD8ZRGbTwxHEwhSm7Gxa6pLZq0q G/TrpvUAHyId6KQSrNdFcCGMER+LUMI= X-MC-Unique: KR92jnTYNS-hM_apXRnQPA-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 04/11] qemuBlockStorageSourceGetRBDProps: Simplify handling of encryption format Date: Fri, 22 Apr 2022 17:31:48 +0200 Message-Id: <6c1076e8d0b2c3f379a2eef946a7d483159ee71d.1650641396.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641597727100012 Content-Type: text/plain; charset="utf-8" Remove the impossible error message about the 'qcow2' encryption format not being supported. We validated before that it can't happen. Additionally the code can be simplified by removing error handling from impossible code paths as the last resort is virJSONValueCreate not allowing NULL argument with the 's:' modifier. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_block.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index 3d961c8b39..60e03d418e 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -882,7 +882,7 @@ qemuBlockStorageSourceGetRBDProps(virStorageSource *src, g_autoptr(virJSONValue) servers =3D NULL; virJSONValue *ret =3D NULL; g_autoptr(virJSONValue) encrypt =3D NULL; - const char *encformat; + const char *encformat =3D NULL; const char *username =3D NULL; g_autoptr(virJSONValue) authmodes =3D NULL; const char *keysecret =3D NULL; @@ -911,16 +911,10 @@ qemuBlockStorageSourceGetRBDProps(virStorageSource *s= rc, break; case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW: - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("librbd encryption engine only supports l= uks/luks2 formats")); - return NULL; - case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT: case VIR_STORAGE_ENCRYPTION_FORMAT_LAST: default: - virReportEnumRangeError(virStorageEncryptionFormatType, - src->encryption->format); - return NULL; + break; } if (virJSONValueObjectAdd(&encrypt, --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641534; cv=none; d=zohomail.com; s=zohoarc; b=fOQ9+GdM+yIlBVYOlE/7dNouG25+uA+CQdMA2RKA9GKOuLssMYwtmwUMJkR99Xmkc4ajI4aj6y2QX7CW6C5g5YnpdgsYFwNEpQH1UCA+YvAYZgyEyZbOD5qzoxnva3/bthj+VKD9+eHO0eiORpGeOMPbVmOFAlV8t0bqz5pr6r4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641534; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=iFZHq0X9eiQlCk/MJhg6BpxMug+3UlERcGADvOAFiUA=; b=QMsCzk9el5kx2bGXD1tgzrB0ZOjC5j66ABxxUhnC3W9/rV5ZW9YC9aCp32HG+YUBC7Tqq5dxoah9fDuDhQfnKFkKnD5IvBSUuxCCnU0CD2yVISoAf+i9U8KP2RzlOqaYU2DP58fn7SRg+n6fOOv23rtOk0MxFQ58Wsm1b/dDw3w= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 165064153486386.29681655022682; Fri, 22 Apr 2022 08:32:14 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-434-P0oF9RgDP-iYf9GjPCNibw-1; Fri, 22 Apr 2022 11:32:07 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5A3E13C21F9D; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 45E15409B400; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 0F3921940353; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id BBF7D1940351 for ; Fri, 22 Apr 2022 15:32:01 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 9613E416362; Fri, 22 Apr 2022 15:32:01 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 22637401475 for ; Fri, 22 Apr 2022 15:32:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641533; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=iFZHq0X9eiQlCk/MJhg6BpxMug+3UlERcGADvOAFiUA=; b=iENcfDEXlCEqCf+wJPbfqQJb1d1Bqra9sigOes0a9u7tYAhbxTXNpec1l36FqpUt9/DXyh n4y9o33O3EGSNEg5+0ck6rJrkAeFgaSo2/H1vhCQQKwwm9sprJdCfgdtHBEaBP+FCc6qTA Elu3WNXj6Eh9TzQZ5cWKRJKp8MVVL8M= X-MC-Unique: P0oF9RgDP-iYf9GjPCNibw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 05/11] virDomainDiskDefValidateSourceChainOne: Reject authentication for protocols which don't support it Date: Fri, 22 Apr 2022 17:31:49 +0200 Message-Id: <28597d3bec842198cfc117cdef56108e33f1d92f.1650641396.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.1 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641596207100003 Content-Type: text/plain; charset="utf-8" Only certain disk protocols support authentication. Add validation for this field. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/conf/domain_validate.c | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 68190fc3e2..3f03feee4f 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -473,10 +473,44 @@ virDomainDiskVhostUserValidate(const virDomainDiskDef= *disk) static int virDomainDiskDefValidateSourceChainOne(const virStorageSource *src) { + virStorageType actualType =3D virStorageSourceGetActualType(src); + if (src->type =3D=3D VIR_STORAGE_TYPE_NETWORK && src->auth) { virStorageAuthDef *authdef =3D src->auth; int actUsage; + if (actualType !=3D VIR_STORAGE_TYPE_NETWORK) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("authentication is supported only for network= backed disks")); + return -1; + } + + switch ((virStorageNetProtocol) src->protocol) { + case VIR_STORAGE_NET_PROTOCOL_ISCSI: + case VIR_STORAGE_NET_PROTOCOL_HTTP: + case VIR_STORAGE_NET_PROTOCOL_HTTPS: + case VIR_STORAGE_NET_PROTOCOL_FTP: + case VIR_STORAGE_NET_PROTOCOL_FTPS: + case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_RBD: + break; + + case VIR_STORAGE_NET_PROTOCOL_NBD: + case VIR_STORAGE_NET_PROTOCOL_SHEEPDOG: + case VIR_STORAGE_NET_PROTOCOL_GLUSTER: + case VIR_STORAGE_NET_PROTOCOL_TFTP: + case VIR_STORAGE_NET_PROTOCOL_VXHS: + case VIR_STORAGE_NET_PROTOCOL_NFS: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("authentication is not supported for protocol= '%s'"), + virStorageNetProtocolTypeToString(src->protocol= )); + return -1; + + case VIR_STORAGE_NET_PROTOCOL_NONE: + case VIR_STORAGE_NET_PROTOCOL_LAST: + break; + } + if ((actUsage =3D virSecretUsageTypeFromString(authdef->secrettype= )) < 0) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("unknown secret type '%s'"), --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641529; cv=none; d=zohomail.com; s=zohoarc; b=A9pRzyzdVdRsk8MueyZ3GOqqaqVpvSCkf84AKFE21gZqWEucTfvF5Fa6F27QD8whzMD9jdB4RA4JVEmnsuW8jnI4ABTSI5snMdABVf+L5ilsnyQklDRYPLSiw+3X3sbn6m8JBLfZf1IpNDuAG4Y/SsBxF3mIG8gTDDEEo2oMu9M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641529; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=IG86aEtWOYN8fBnHhuiIQNaPN559S4oujSseSY9X6pA=; b=Z0NLnE4nDq2l0XZSrRY205TEsF+jCqE2IpZMjUrrfTIr6X7uWLUxkJ/9rf3kdkZccmjFcrqLhJf2SFR6fAlUtHDf7qzz+bKlkVL0C+k/FfaoTwQGMq+iMqEyZIx+rSt1MukOKfQKNppf/kEPmXMf7D/WC1vhmZm7RvcwH0u9keU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1650641529622446.8130296883471; Fri, 22 Apr 2022 08:32:09 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-161-w0DvTpMYMBeSTC9tSwhT7w-1; Fri, 22 Apr 2022 11:32:06 -0400 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id CFC29383A5F8; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id B80BB41636C; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 538D81940369; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 80D3F194036B for ; Fri, 22 Apr 2022 15:32:02 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 74D05416158; Fri, 22 Apr 2022 15:32:02 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id E95B0401475 for ; Fri, 22 Apr 2022 15:32:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641528; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=IG86aEtWOYN8fBnHhuiIQNaPN559S4oujSseSY9X6pA=; b=addgkkZLyeWteYMKeQF4twcRLdVxNEJ1wCDeYSrGhZwg7a+aCz4lriFHWYZSqOYTtZr/Vp xn10TKj2GNkk7RkAvd7t6ZZo70uvenfNiK4QlBR1mImDzguGDzJpPAdMh+gTGow9MJ0WwG zW6TWxxxw4JTcCwq2rvP69DLZlyHn9M= X-MC-Unique: w0DvTpMYMBeSTC9tSwhT7w-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 06/11] qemuDomainStorageSourceHasAuth: Don't decide based on protocol Date: Fri, 22 Apr 2022 17:31:50 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641591659100001 Content-Type: text/plain; charset="utf-8" The validation should be the only point to decide whether authentication is supported for a disk backing protocol. The rest of the code can then simply always enable it. This also fixes a crash when authentication is requested e.g. for a HTTP backed disk as the blockdev props formatter expects that it was already set up. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_domain.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index b5abf99951..0486826fc7 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1236,9 +1236,7 @@ qemuDomainStorageSourceHasAuth(virStorageSource *src) { if (!virStorageSourceIsEmpty(src) && virStorageSourceGetActualType(src) =3D=3D VIR_STORAGE_TYPE_NETWORK= && - src->auth && - (src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_ISCSI || - src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_RBD)) + src->auth) return true; return false; --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641542; cv=none; d=zohomail.com; s=zohoarc; b=UjUkDhHRpkUwEJL072hE9j4FnDmMOQlZBpXH0poRAnXY3sA+X4Nuli83w/xFVRijhBoP1qrV+8cHuaPZmuH8srq+ZffAZSMDR+7dZg/BF8dbph5Iyw2Mgb6o9jlmSnWXZhyMjxjbe5YVwI/CVExBKbnIiXQEZo5k3zb/adWJXcY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641542; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=aQ7J8CRIHDqCF/i3H3oB2XUGheqpNxAxSprTCDG7Tkg=; b=EuPu2Yij/+W6lTjc6IJbRGmiaYc/n7pIBh/DBZuSmaxMKghaVvp1HWCrjVkMDSwohXn30cxscM/3CCIC/D/3Tdy/d31w9n4lrYNgHEYo5jySNfDPhkkim6Vz1xU8kAKPGj7qH+aftXEsEwPynGhcbgykuIiyE4atjLuULVpKNjo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 165064154228487.70753663159326; Fri, 22 Apr 2022 08:32:22 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-481-Fd5VWlp0O4SIkVgk-cCInw-1; Fri, 22 Apr 2022 11:32:14 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C0EB3833975; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id A893940EC024; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 5E1F51940367; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 8BCDD194036F for ; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 5812241636C; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id DB4BF401475 for ; Fri, 22 Apr 2022 15:32:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641541; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=aQ7J8CRIHDqCF/i3H3oB2XUGheqpNxAxSprTCDG7Tkg=; b=IbCMnicqRYsB0tFKpmhl3TaBgSoDOCJI5mrQeAF31FsxZOcnlJRrGnbchDsBsu8A7bWnuk sDqouR92StBCyYhSACgBBuX3OmGJvWiisa4+76MH4I5Uw225TfgFF/zsjKR5taRGH/9IxL 6x9YtGvtooPHlEtaIPMCvRVrz36SAl8= X-MC-Unique: Fd5VWlp0O4SIkVgk-cCInw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 07/11] qemu: domain: Inline qemuDomainDiskHasEncryptionSecret Date: Fri, 22 Apr 2022 17:31:51 +0200 Message-Id: <47da8409e1dde0ef0f022e30832bc0f89f6036ea.1650641396.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641597492100009 Content-Type: text/plain; charset="utf-8" Since we are already checking that the encryption format can be only _LUKS and _LUKS2 this wrapper function doesn't make much sense any more. The only one caller can do this internally. The move of virStorageSourceIsEmpty is correct as there are no secrets to setup if the disk is empty anyways. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_domain.c | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 0486826fc7..1eb15c8989 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1243,19 +1243,6 @@ qemuDomainStorageSourceHasAuth(virStorageSource *src) } -static bool -qemuDomainDiskHasEncryptionSecret(virStorageSource *src) -{ - if (!virStorageSourceIsEmpty(src) && src->encryption && - (src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_LUKS= || - src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_LUKS= 2) && - src->encryption->nsecrets > 0) - return true; - - return false; -} - - static qemuDomainSecretInfo * qemuDomainSecretStorageSourcePrepareCookies(qemuDomainObjPrivate *priv, virStorageSource *src, @@ -1291,7 +1278,10 @@ qemuDomainSecretStorageSourcePrepare(qemuDomainObjPr= ivate *priv, { qemuDomainStorageSourcePrivate *srcPriv; bool hasAuth =3D qemuDomainStorageSourceHasAuth(src); - bool hasEnc =3D qemuDomainDiskHasEncryptionSecret(src); + bool hasEnc =3D src->encryption && src->encryption->nsecrets > 0; + + if (virStorageSourceIsEmpty(src)) + return 0; if (!hasAuth && !hasEnc && src->ncookies =3D=3D 0) return 0; --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641583; cv=none; d=zohomail.com; s=zohoarc; b=UxVj1hyl7lSNSs2DSuw1197nKNMDap7IMnRbc+QIwq0eYi+cVCEnaCTXxt6a/qeusRRAEZOi9iVPMGsICcmplhwja1ka35luCB8O+wygGGpizq2HP8ScshZIBfzeHEx2A+1opV4yXAXxXxUnVpYoZt2pJH3/b7U0Lx8AokE21LI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641583; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=SkgG4CYKC6xnfbJN6Tt6ssVMxoZMmB0zZ0LWtvmHIsk=; b=ObcegHyu3in4YQesf+VUzsMnF1BdaTQGAOoXi0g48SgcN8vL4zVQ8Y2JPcYvBtHrnZqzJdXpCoAw/aABbcv1li3hYH60OjifN3t/MhAKWqlJFediKkNLkVt81jjC4IQEsgJANU5LrplSInxuZLE0kOYa2O5hLv6qafo50UfIp08= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1650641583248161.6305166286138; Fri, 22 Apr 2022 08:33:03 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-433-XjksfYqPO5yVWMdrYjHRRw-1; Fri, 22 Apr 2022 11:32:10 -0400 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5B5662811810; Fri, 22 Apr 2022 15:32:06 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 488555523D0; Fri, 22 Apr 2022 15:32:06 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id BEAC41940351; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 47CE91940352 for ; Fri, 22 Apr 2022 15:32:04 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 38D23416158; Fri, 22 Apr 2022 15:32:04 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id A8BDD401475 for ; Fri, 22 Apr 2022 15:32:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641582; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=SkgG4CYKC6xnfbJN6Tt6ssVMxoZMmB0zZ0LWtvmHIsk=; b=E05G/g2HjqoucSld6nS+INQRHAby5HJc3SH3ZdkUIXZ6bDzUwlDQDOaG3PVF1+Ooep8Slk oB/m9Anouu31Dmh0FciCt+VLmPjTSkZVTy45ltRbKylqKDeMYY/hlpT3WfJn2fwrhiizVm Td+Pja25IRFziamwXeFO9mXJxKti8v4= X-MC-Unique: XjksfYqPO5yVWMdrYjHRRw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 08/11] qemu: domain: Inline qemuDomainStorageSourceHasAuth Date: Fri, 22 Apr 2022 17:31:52 +0200 Message-Id: <9fd4926a567f9fa52c86740683bdc4040081332f.1650641396.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641597692100010 Content-Type: text/plain; charset="utf-8" The iSCSI hostdev code doesn't require the check for the empty drive and the check for the protocol because those are already guaranteed at that point. In qemuDomainSecretStorageSourcePrepare we don't need to check the network disk type either as it's now guaranteed by the definition validator. Thus both callers can simply check whether src->auth is present and the helper can be removed. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_domain.c | 19 +++---------------- src/qemu/qemu_domain.h | 3 --- 2 files changed, 3 insertions(+), 19 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 1eb15c8989..7974cdb00b 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1231,18 +1231,6 @@ qemuDomainSecretDiskDestroy(virDomainDiskDef *disk) } -bool -qemuDomainStorageSourceHasAuth(virStorageSource *src) -{ - if (!virStorageSourceIsEmpty(src) && - virStorageSourceGetActualType(src) =3D=3D VIR_STORAGE_TYPE_NETWORK= && - src->auth) - return true; - - return false; -} - - static qemuDomainSecretInfo * qemuDomainSecretStorageSourcePrepareCookies(qemuDomainObjPrivate *priv, virStorageSource *src, @@ -1277,13 +1265,12 @@ qemuDomainSecretStorageSourcePrepare(qemuDomainObjP= rivate *priv, const char *aliasformat) { qemuDomainStorageSourcePrivate *srcPriv; - bool hasAuth =3D qemuDomainStorageSourceHasAuth(src); bool hasEnc =3D src->encryption && src->encryption->nsecrets > 0; if (virStorageSourceIsEmpty(src)) return 0; - if (!hasAuth && !hasEnc && src->ncookies =3D=3D 0) + if (!src->auth && !hasEnc && src->ncookies =3D=3D 0) return 0; if (!(src->privateData =3D qemuDomainStorageSourcePrivateNew())) @@ -1291,7 +1278,7 @@ qemuDomainSecretStorageSourcePrepare(qemuDomainObjPri= vate *priv, srcPriv =3D QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src); - if (hasAuth) { + if (src->auth) { virSecretUsageType usageType =3D VIR_SECRET_USAGE_TYPE_ISCSI; if (src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_RBD) @@ -5663,7 +5650,7 @@ qemuDomainDeviceHostdevDefPostParseRestoreSecAlias(vi= rDomainHostdevDef *hostdev, if (hostdev->mode !=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS || hostdev->source.subsys.type !=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SC= SI || scsisrc->protocol !=3D VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI= || - !qemuDomainStorageSourceHasAuth(iscsisrc->src)) + !iscsisrc->src->auth) return 0; if (!(priv =3D qemuDomainStorageSourcePrivateFetch(iscsisrc->src))) diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 0415a34908..c7125722e0 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -870,9 +870,6 @@ void qemuDomainSecretInfoDestroy(qemuDomainSecretInfo *= secinfo); void qemuDomainSecretDiskDestroy(virDomainDiskDef *disk) ATTRIBUTE_NONNULL(1); -bool qemuDomainStorageSourceHasAuth(virStorageSource *src) - ATTRIBUTE_NONNULL(1); - qemuDomainSecretInfo * qemuDomainSecretInfoTLSNew(qemuDomainObjPrivate *priv, const char *srcAlias, --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641535; cv=none; d=zohomail.com; s=zohoarc; b=bdbGch/HvSpviVMeNZQWtauw7SaOTCMfyaZClE/Y+JmJX7lbpJferO8rYcwjT/u8ews83WmE/eV4AMD13CobMa6IovPtjEInE72rT6OQqIhxUW7q09F7VC/dFkmL9H1XB+1n228KrREbJiH6a91mJ+pwkAbkyT//9Z5f5elh4Zw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641535; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=UTz1WU2pqFpVqTaOlbqImn4BUO99dzCGQ0T6XAWjjpE=; b=daXxG4eaYQu6YVcWS1lNP8Z4T+F1BXuUVKAJio/V7yFDbv0vOMVtf8jY2HixJhuSgkoMLyn4u6/HtNHhkH3tgJrkVGfsewnHiHUB7ZxdVDm1or2L2z2+4FIWAcLPJkonRHmhjwskZxomekA5FgpogZfwo8zipStzMeN7j2WitUE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1650641535399234.58214747530644; Fri, 22 Apr 2022 08:32:15 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-113-pLSrtzY5MkmWbg19CMV-OQ-1; Fri, 22 Apr 2022 11:32:10 -0400 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B785E1C0E0F0; Fri, 22 Apr 2022 15:32:07 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 33369416362; Fri, 22 Apr 2022 15:32:07 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 107BD194035F; Fri, 22 Apr 2022 15:32:06 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 36FE51940364 for ; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 29A92416158; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9AE74401475 for ; Fri, 22 Apr 2022 15:32:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641534; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=UTz1WU2pqFpVqTaOlbqImn4BUO99dzCGQ0T6XAWjjpE=; b=EqcId6HSgh0L4B5jjIa5T/P7DWR5z9unk9bRbmJzCzhqUYFeRuuwNf7iWgOqHtxmbFqWWT W/qUcOMgOA1S+W9VKRgDTQWtW7JyW35leP3wnMpENU3BeKQF8JJiVlkVccS3YHodf0O+jG HtE/JNRjVnIcN9sc3V8G64GIvsqLIPs= X-MC-Unique: pLSrtzY5MkmWbg19CMV-OQ-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 09/11] conf: schemas: Split out definition for 'ftp' protocol Date: Fri, 22 Apr 2022 17:31:53 +0200 Message-Id: <5c0924f93f74a9b258d1434b9102c4011ddd480d.1650641396.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641597264100006 Content-Type: text/plain; charset="utf-8" Separate it so that further addition can target 'ftp' only. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/conf/schemas/domaincommon.rng | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom= mon.rng index bf4d6e4b6f..c68acaa222 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -2046,13 +2046,31 @@ + + + + + + ftp + + + + + + + + + + + + + sheepdog - ftp tftp @@ -2159,6 +2177,7 @@ + --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641540; cv=none; d=zohomail.com; s=zohoarc; b=NbJsHKJ3TfM0UD8jtami68s2EqDrZUtC6d6+IE6/VgbOKfsuph6GSAr0UxX9IYJ3GjtP5RuLYEMnGaB5Hrr1LKY3DOEaF91HTsygUfnPhmlR9CgGnVh6DxF+Ax1E+EyTgnDEA7BKaFw5GdaChK1KPsqsxBKsJKbMnWO77zBD0oo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641540; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=F4kHEIvZf+/N1QtIUNJphVizJ5ROdXFZKjoKwytztso=; b=cZGNpVKee70e54sMf9ptnNf8Bn3fnRbIRQho1ndPuDgscHvjHpT1VnXsmqpOxZ5qCanhTD3rGjpQ9Xu26tLIKuREKVDpnMXU0Lrvyl3Y9pbMiBQ+0V0esuEi2jJNxFYysuFywq/qNyG7GPYwr3CaBNxrAt0qdZE2qnyWBzA8brM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1650641540096530.0496989084128; Fri, 22 Apr 2022 08:32:20 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-644-4qRHoMfLPYeY1nzB6eZ4eQ-1; Fri, 22 Apr 2022 11:32:14 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id EE31B38041D1; Fri, 22 Apr 2022 15:32:07 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id D64ED40EC020; Fri, 22 Apr 2022 15:32:07 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 635671940353; Fri, 22 Apr 2022 15:32:07 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 2C0F11940375 for ; Fri, 22 Apr 2022 15:32:06 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 0D17F416363; Fri, 22 Apr 2022 15:32:06 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7D784416370 for ; Fri, 22 Apr 2022 15:32:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641539; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=F4kHEIvZf+/N1QtIUNJphVizJ5ROdXFZKjoKwytztso=; b=b7HVy8Xjyaby81wmMXrcCQ7r9PDB2rCEE/xGYB730q6WYvOxBIkVk1o7gyqUm4gA2U8R2g /aO+rKmtWLGaIP/x8BO/6s5BcoE1x1EWmYMoKJyLk9XAFcNdAethmZCam7gAYSOPM2J9eu u7UCd3R3I4eJ+orpO3c8nxAXEYiyiR4= X-MC-Unique: 4qRHoMfLPYeY1nzB6eZ4eQ-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 10/11] conf: schema: Allow authentication for FTP(S) and HTTP(S) disks Date: Fri, 22 Apr 2022 17:31:54 +0200 Message-Id: <8ace523afa21e4bbf3093de2e8b5cd3b72bfc6eb.1650641396.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641597263100005 Content-Type: text/plain; charset="utf-8" The code already handles this so we just need to allow it in the schema. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/conf/schemas/domaincommon.rng | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom= mon.rng index c68acaa222..8afb0dadd4 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -1995,6 +1995,9 @@ + + + @@ -2020,6 +2023,9 @@ + + + @@ -2042,6 +2048,9 @@ + + + @@ -2061,6 +2070,9 @@ + + + --=20 2.35.1 From nobody Sat May 18 13:36:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1650641604; cv=none; d=zohomail.com; s=zohoarc; b=Pf70Z8t26FRhN1bBguYUF0FIdfbXiKTZcg3BLV7Yi8PY3wuDO7NUNc8i9/v2SxS9oHhfdG8Fwza1KUXqciRxlGpvIRNx+yITKyBci2miEzkJ95GSQAktHw+/A81mbb+gEKMSb+hiRyO9nvJ+woiZ380MOxNCS0Rzrix0uxv024c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1650641604; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=pzqaMB6Z9wSw9rXdMeQ+fJiWo4oBlKHEWO32b82Oq/o=; b=Ipo0fhVTFdr5dh8BR7r/MUZFIJsxK/4azR+vTy1InKLeOV+3+Mrqk20sTxf+syHXa5C9szS2iyIcR/Z4qMSB7hAENUjlqEGQ/ewlZNgIVqcciYW2AXeYGT7kcrFsnJM5RORCkXqy7OBSe3hfaFInyLobevl+sCuUu1dkluFPxBA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1650641604007607.9693423859119; Fri, 22 Apr 2022 08:33:24 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-395-IvMwzAvLPqqfIgFl4D3X6w-1; Fri, 22 Apr 2022 11:32:13 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6F6D43C021A8; Fri, 22 Apr 2022 15:32:10 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 59A68409B3F9; Fri, 22 Apr 2022 15:32:10 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 10C2F1940353; Fri, 22 Apr 2022 15:32:10 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 2BF7A1940351 for ; Fri, 22 Apr 2022 15:32:07 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 2001E401475; Fri, 22 Apr 2022 15:32:07 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 69007416363 for ; Fri, 22 Apr 2022 15:32:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1650641603; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=pzqaMB6Z9wSw9rXdMeQ+fJiWo4oBlKHEWO32b82Oq/o=; b=OK9GDvMlK01Stv8HFOD0q04VVCd6eIjbmieGZ7l/rPReohO0oeUFsJwqjmNmuZjN8PozQw RwJ54IKYxCn4vcwvr1t+xpsAJJ5i9Cp6wVRYe7ALKCb8LcEuTYWsRM/GcZr7FRGayhu5IL IPVFm1Cs1yPgtZgDr/BK7ILbtlUoVnI= X-MC-Unique: IvMwzAvLPqqfIgFl4D3X6w-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 11/11] tests: qemuxml2*: Add testing of authenticated http/ftp disks Date: Fri, 22 Apr 2022 17:31:55 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.1 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1650641605573100003 Content-Type: text/plain; charset="utf-8" Extend the 'disk-cdrom-network' to cover this instance. This also validates that the parameters of -blockdev conform to the QAPI schema. Also add the xml2xml variant of this test case. Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- .../disk-cdrom-network.x86_64-4.1.0.args | 6 +- .../disk-cdrom-network.x86_64-latest.args | 6 +- tests/qemuxml2argvdata/disk-cdrom-network.xml | 6 ++ .../disk-cdrom-network.x86_64-latest.xml | 72 +++++++++++++++++++ tests/qemuxml2xmltest.c | 1 + 5 files changed, 87 insertions(+), 4 deletions(-) create mode 100644 tests/qemuxml2xmloutdata/disk-cdrom-network.x86_64-late= st.xml diff --git a/tests/qemuxml2argvdata/disk-cdrom-network.x86_64-4.1.0.args b/= tests/qemuxml2argvdata/disk-cdrom-network.x86_64-4.1.0.args index 00030f208d..34bd38622a 100644 --- a/tests/qemuxml2argvdata/disk-cdrom-network.x86_64-4.1.0.args +++ b/tests/qemuxml2argvdata/disk-cdrom-network.x86_64-4.1.0.args @@ -28,9 +28,11 @@ QEMU_AUDIO_DRV=3Dnone \ -device piix3-usb-uhci,id=3Dusb,bus=3Dpci.0,addr=3D0x1.0x2 \ -drive file=3Dftp://host.name:21/url/path/file.iso,format=3Draw,if=3Dnone,= id=3Ddrive-ide0-0-0,readonly=3Don \ -device ide-cd,bus=3Dide.0,unit=3D0,drive=3Ddrive-ide0-0-0,id=3Dide0-0-0,b= ootindex=3D1 \ --drive file=3Dftps://host.name:990/url/path/file.iso,format=3Draw,if=3Dnon= e,id=3Ddrive-ide0-0-1,readonly=3Don \ +-object secret,id=3Dide0-0-1-auth-secret0,data=3D9eao5F8qtkGt+seB1HYivWIxb= twUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,keyid=3DmasterKey0,iv=3DAAECAwQFBgc= ICQoLDA0ODw=3D=3D,format=3Dbase64 \ +-drive file=3Dftps://host.name:990/url/path/file.iso,file.password-secret= =3Dide0-0-1-auth-secret0,format=3Draw,if=3Dnone,id=3Ddrive-ide0-0-1,readonl= y=3Don \ -device ide-cd,bus=3Dide.0,unit=3D1,drive=3Ddrive-ide0-0-1,id=3Dide0-0-1 \ --drive 'file=3Dhttps://host.name:443/url/path/file.iso?test=3Dval,format= =3Draw,if=3Dnone,id=3Ddrive-ide0-1-0,readonly=3Don' \ +-object secret,id=3Dide0-1-0-auth-secret0,data=3D9eao5F8qtkGt+seB1HYivWIxb= twUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,keyid=3DmasterKey0,iv=3DAAECAwQFBgc= ICQoLDA0ODw=3D=3D,format=3Dbase64 \ +-drive 'file=3Dhttps://host.name:443/url/path/file.iso?test=3Dval,file.pas= sword-secret=3Dide0-1-0-auth-secret0,format=3Draw,if=3Dnone,id=3Ddrive-ide0= -1-0,readonly=3Don' \ -device ide-cd,bus=3Dide.1,unit=3D0,drive=3Ddrive-ide0-1-0,id=3Dide0-1-0 \ -device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x2 \ -sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,resource= control=3Ddeny \ diff --git a/tests/qemuxml2argvdata/disk-cdrom-network.x86_64-latest.args b= /tests/qemuxml2argvdata/disk-cdrom-network.x86_64-latest.args index 6bc09072eb..267e4cb47b 100644 --- a/tests/qemuxml2argvdata/disk-cdrom-network.x86_64-latest.args +++ b/tests/qemuxml2argvdata/disk-cdrom-network.x86_64-latest.args @@ -30,10 +30,12 @@ XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config= \ -blockdev '{"driver":"ftp","url":"ftp://host.name:21/url/path/file.iso","n= ode-name":"libvirt-3-storage","auto-read-only":true,"discard":"unmap"}' \ -blockdev '{"node-name":"libvirt-3-format","read-only":true,"driver":"raw"= ,"file":"libvirt-3-storage"}' \ -device '{"driver":"ide-cd","bus":"ide.0","unit":0,"drive":"libvirt-3-form= at","id":"ide0-0-0","bootindex":1}' \ --blockdev '{"driver":"ftps","url":"ftps://host.name:990/url/path/file.iso"= ,"node-name":"libvirt-2-storage","auto-read-only":true,"discard":"unmap"}' \ +-object '{"qom-type":"secret","id":"libvirt-2-storage-auth-secret0","data"= :"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid"= :"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw=3D=3D","format":"base64"}' \ +-blockdev '{"driver":"ftps","url":"ftps://host.name:990/url/path/file.iso"= ,"username":"testuser","password-secret":"libvirt-2-storage-auth-secret0","= node-name":"libvirt-2-storage","auto-read-only":true,"discard":"unmap"}' \ -blockdev '{"node-name":"libvirt-2-format","read-only":true,"driver":"raw"= ,"file":"libvirt-2-storage"}' \ -device '{"driver":"ide-cd","bus":"ide.0","unit":1,"drive":"libvirt-2-form= at","id":"ide0-0-1"}' \ --blockdev '{"driver":"https","url":"https://host.name:443/url/path/file.is= o?test=3Dval","node-name":"libvirt-1-storage","auto-read-only":true,"discar= d":"unmap"}' \ +-object '{"qom-type":"secret","id":"libvirt-1-storage-auth-secret0","data"= :"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid"= :"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw=3D=3D","format":"base64"}' \ +-blockdev '{"driver":"https","url":"https://host.name:443/url/path/file.is= o?test=3Dval","username":"testuser","password-secret":"libvirt-1-storage-au= th-secret0","node-name":"libvirt-1-storage","auto-read-only":true,"discard"= :"unmap"}' \ -blockdev '{"node-name":"libvirt-1-format","read-only":true,"driver":"raw"= ,"file":"libvirt-1-storage"}' \ -device '{"driver":"ide-cd","bus":"ide.1","unit":0,"drive":"libvirt-1-form= at","id":"ide0-1-0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ diff --git a/tests/qemuxml2argvdata/disk-cdrom-network.xml b/tests/qemuxml2= argvdata/disk-cdrom-network.xml index 14872d8889..40c53dd8fc 100644 --- a/tests/qemuxml2argvdata/disk-cdrom-network.xml +++ b/tests/qemuxml2argvdata/disk-cdrom-network.xml @@ -32,6 +32,9 @@ + + + @@ -41,6 +44,9 @@ + + + diff --git a/tests/qemuxml2xmloutdata/disk-cdrom-network.x86_64-latest.xml = b/tests/qemuxml2xmloutdata/disk-cdrom-network.x86_64-latest.xml new file mode 100644 index 0000000000..86f8ccf921 --- /dev/null +++ b/tests/qemuxml2xmloutdata/disk-cdrom-network.x86_64-latest.xml @@ -0,0 +1,72 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 1048576 + 1048576 + 1 + + hvm + + + + + + + + + qemu64 + + + destroy + restart + restart + + /usr/bin/qemu-system-x86_64 + + + + + + + +
+ + + + + + + + + + + +
+ + + + + + + + + + + +
+ + +
+ + + +
+ + + +