From nobody Thu Apr 18 11:07:34 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=gmail.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1523647786461940.3954618917709; Fri, 13 Apr 2018 12:29:46 -0700 (PDT) Received: from localhost ([::1]:48041 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f74OH-0007pv-L6 for importer@patchew.org; Fri, 13 Apr 2018 15:29:45 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37340) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f74Kw-000583-Ko for qemu-devel@nongnu.org; Fri, 13 Apr 2018 15:26:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1f74Kv-0001qh-0T for qemu-devel@nongnu.org; Fri, 13 Apr 2018 15:26:18 -0400 Received: from mail-wr0-x22a.google.com ([2a00:1450:400c:c0c::22a]:37823) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1f74Ku-0001pP-NF; Fri, 13 Apr 2018 15:26:16 -0400 Received: by mail-wr0-x22a.google.com with SMTP id l49so10728681wrl.4; Fri, 13 Apr 2018 12:26:16 -0700 (PDT) Received: from lean.local (93-173-127-3.bb.netvision.net.il. [93.173.127.3]) by smtp.gmail.com with ESMTPSA id r200sm842127wmb.39.2018.04.13.12.26.13 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 13 Apr 2018 12:26:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=xpfMRyaNNR83VE+LH5SQPSq2G4HlPTWPkWuYA138rgU=; b=p20xV8+9D5AWFubg4ghjkAun8MtlKi0LlW6oxSI3pJTMwVnD0hu9Vja7vb/J7DCbkH jEsEVUO6DhpbakkVh8jwAiIBf4Nncg8FUDm9GAVQ1xd2AV8NlfdiJXIQZbGtWO/4SyEA ajfpn3HJCsvn+gymLOCAgOmNcGrrVTK93Lq3AUoeaQAuXsA6rdKsrjFENVDTxx8c+Lk4 FHcdOLcMUm0sWK3rykuKLXw6nhAEEI4BICG6QK1NbNZxGbd8SUAwSUtbXXoU1SRn1d7r 1IhlTH45MJs6LT9C7l+g0IhpYb2b4Nn4cgT4WtA0jfhKCBedrtuncaA3d3FSEJGB1GZK CNoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=xpfMRyaNNR83VE+LH5SQPSq2G4HlPTWPkWuYA138rgU=; b=VPzLDrLyzXkNeBm0qHWuB/XW8liEwWWewvwtN1h/VdLeC8ksq4Rf62yieqEm9iC9ft Q4THz59T/UGkdZUfVT6AvYDQcRRYQ4p6o5rWqrCLz2Z75LrmPljFdKUyMUecJ0fve9yT 0tGwNvZ8WeKVPtQRYqYV49XdyX6tK17xNkn+hpFY/rzov/65IKLFbikZYVx8CbInn/Io WQ3/5+t8v8LfrVugLfUriFmP4PRlfGYY2GR2gkP/7IxokQLUu8bN9uiZRT51KbBuEhs7 ZRb9coDNFtm6okHnujYGnCSO41LbLYww3qB8wKTYdK+TrO3BwVi5+0ACu6EjpLsOGvHt FB3Q== X-Gm-Message-State: ALQs6tD5bOz2Pj+5lnU+aoQ+LVmK2Ud9tfSoBGhKf2oDtCGGbBcIi3ar GmyMf2na8m5y8RshsWXmI9BMHBwun8I= X-Google-Smtp-Source: AIpwx49chDWEfUm+XNZuhi84kransWZ6l+SxZjjMhmvYk7nj3jTaVIBgQh30LWZfqDKkgSNq50//Qg== X-Received: by 10.223.155.136 with SMTP id d8mr2316709wrc.132.1523647575162; Fri, 13 Apr 2018 12:26:15 -0700 (PDT) From: Nir Soffer To: qemu-devel@nongnu.org Date: Fri, 13 Apr 2018 22:26:03 +0300 Message-Id: <20180413192605.2145-2-nirsof@gmail.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180413192605.2145-1-nirsof@gmail.com> References: <20180413192605.2145-1-nirsof@gmail.com> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c0c::22a Subject: [Qemu-devel] [PATCH 1/3] nbd: Add option to disallow listing exports X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, Nir Soffer , qemu-block@nongnu.org, rjones@redhat.com, mreitz@redhat.com, pbonzini@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" When a management application expose images using qemu-nbd, it needs a secure way to allow temporary access to the disk. Using a random export name can solve this problem: nbd://server:10809/22965f19-9ab5-4d18-94e1-cbeb321fa433 Assuming that the url is passed to the user in a secure way, and the user is using TLS to access the image. However, since qemu-nbd implements NBD_OPT_LIST, anyone can easily find the secret export: $ nbd-client -l server 10809 Negotiation: .. 22965f19-9ab5-4d18-94e1-cbeb321fa433 Add a new --nolist option, disabling listing, similar the "allowlist" nbd-server configuration option. When used, listing exports will fail like this: $ nbd-client -l localhost 10809 Negotiation: .. E: listing not allowed by server. Server said: Listing exports is forbidden Signed-off-by: Nir Soffer Tested-by: Richard W.M. Jones --- blockdev-nbd.c | 2 +- include/block/nbd.h | 1 + nbd/server.c | 7 +++++++ qemu-nbd.c | 9 ++++++++- qemu-nbd.texi | 2 ++ 5 files changed, 19 insertions(+), 2 deletions(-) diff --git a/blockdev-nbd.c b/blockdev-nbd.c index 65a84739ed..b9a885dc4b 100644 --- a/blockdev-nbd.c +++ b/blockdev-nbd.c @@ -37,7 +37,7 @@ static void nbd_accept(QIONetListener *listener, QIOChann= elSocket *cioc, { qio_channel_set_name(QIO_CHANNEL(cioc), "nbd-server"); nbd_client_new(NULL, cioc, - nbd_server->tlscreds, NULL, + nbd_server->tlscreds, NULL, true, nbd_blockdev_client_closed); } =20 diff --git a/include/block/nbd.h b/include/block/nbd.h index fcdcd54502..5c6b6272a0 100644 --- a/include/block/nbd.h +++ b/include/block/nbd.h @@ -308,6 +308,7 @@ void nbd_client_new(NBDExport *exp, QIOChannelSocket *sioc, QCryptoTLSCreds *tlscreds, const char *tlsaclname, + bool allow_list, void (*close_fn)(NBDClient *, bool)); void nbd_client_get(NBDClient *client); void nbd_client_put(NBDClient *client); diff --git a/nbd/server.c b/nbd/server.c index 9e1f227178..7b91922d1d 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -115,6 +115,7 @@ struct NBDClient { =20 bool structured_reply; NBDExportMetaContexts export_meta; + bool allow_list; =20 uint32_t opt; /* Current option being negotiated */ uint32_t optlen; /* remaining length of data in ioc for the option bei= ng @@ -1032,6 +1033,10 @@ static int nbd_negotiate_options(NBDClient *client, = uint16_t myflags, case NBD_OPT_LIST: if (length) { ret =3D nbd_reject_length(client, false, errp); + } else if (!client->allow_list) { + ret =3D nbd_negotiate_send_rep_err(client, + NBD_REP_ERR_POLICY, e= rrp, + "Listing exports is f= orbidden"); } else { ret =3D nbd_negotiate_handle_list(client, errp); } @@ -2141,6 +2146,7 @@ void nbd_client_new(NBDExport *exp, QIOChannelSocket *sioc, QCryptoTLSCreds *tlscreds, const char *tlsaclname, + bool allow_list, void (*close_fn)(NBDClient *, bool)) { NBDClient *client; @@ -2158,6 +2164,7 @@ void nbd_client_new(NBDExport *exp, object_ref(OBJECT(client->sioc)); client->ioc =3D QIO_CHANNEL(sioc); object_ref(OBJECT(client->ioc)); + client->allow_list =3D allow_list; client->close_fn =3D close_fn; =20 co =3D qemu_coroutine_create(nbd_co_client_start, client); diff --git a/qemu-nbd.c b/qemu-nbd.c index 0af0560ad1..b63d4d9e8b 100644 --- a/qemu-nbd.c +++ b/qemu-nbd.c @@ -52,6 +52,7 @@ #define QEMU_NBD_OPT_TLSCREDS 261 #define QEMU_NBD_OPT_IMAGE_OPTS 262 #define QEMU_NBD_OPT_FORK 263 +#define QEMU_NBD_OPT_NOLIST 264 =20 #define MBR_SIZE 512 =20 @@ -66,6 +67,7 @@ static int shared =3D 1; static int nb_fds; static QIONetListener *server; static QCryptoTLSCreds *tlscreds; +static bool allow_list =3D true; =20 static void usage(const char *name) { @@ -86,6 +88,7 @@ static void usage(const char *name) " -v, --verbose display extra debugging information\n" " -x, --export-name=3DNAME expose export by name\n" " -D, --description=3DTEXT with -x, also export a human-readable descr= iption\n" +" --nolist do not list export\n" "\n" "Exposing part of the image:\n" " -o, --offset=3DOFFSET offset into the image\n" @@ -355,7 +358,7 @@ static void nbd_accept(QIONetListener *listener, QIOCha= nnelSocket *cioc, nb_fds++; nbd_update_server_watch(); nbd_client_new(newproto ? NULL : exp, cioc, - tlscreds, NULL, nbd_client_closed); + tlscreds, NULL, allow_list, nbd_client_closed); } =20 static void nbd_update_server_watch(void) @@ -523,6 +526,7 @@ int main(int argc, char **argv) { "object", required_argument, NULL, QEMU_NBD_OPT_OBJECT }, { "export-name", required_argument, NULL, 'x' }, { "description", required_argument, NULL, 'D' }, + { "nolist", no_argument, NULL, QEMU_NBD_OPT_NOLIST }, { "tls-creds", required_argument, NULL, QEMU_NBD_OPT_TLSCREDS }, { "image-opts", no_argument, NULL, QEMU_NBD_OPT_IMAGE_OPTS }, { "trace", required_argument, NULL, 'T' }, @@ -717,6 +721,9 @@ int main(int argc, char **argv) case 'D': export_description =3D optarg; break; + case QEMU_NBD_OPT_NOLIST: + allow_list =3D false; + break; case 'v': verbose =3D 1; break; diff --git a/qemu-nbd.texi b/qemu-nbd.texi index 9a84e81eed..010b29588f 100644 --- a/qemu-nbd.texi +++ b/qemu-nbd.texi @@ -85,6 +85,8 @@ the new style NBD protocol negotiation @item -D, --description=3D@var{description} Set the NBD volume export description, as a human-readable string. Requires the use of @option{-x} +@item --nolist +Do not allow the client to fetch a list of exports from this server. @item --tls-creds=3DID Enable mandatory TLS encryption for the server by setting the ID of the TLS credentials object previously created with the --object --=20 2.14.3 From nobody Thu Apr 18 11:07:34 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=gmail.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1523647705033737.5352388421461; Fri, 13 Apr 2018 12:28:25 -0700 (PDT) Received: from localhost ([::1]:47961 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f74Mp-0006KW-Bp for importer@patchew.org; Fri, 13 Apr 2018 15:28:15 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37415) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f74Ky-000593-Lf for qemu-devel@nongnu.org; Fri, 13 Apr 2018 15:26:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1f74Kx-0001v1-Ki for qemu-devel@nongnu.org; Fri, 13 Apr 2018 15:26:20 -0400 Received: from mail-wr0-x241.google.com ([2a00:1450:400c:c0c::241]:35942) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1f74Kx-0001tp-DJ; Fri, 13 Apr 2018 15:26:19 -0400 Received: by mail-wr0-x241.google.com with SMTP id q13so7306451wre.3; Fri, 13 Apr 2018 12:26:19 -0700 (PDT) Received: from lean.local (93-173-127-3.bb.netvision.net.il. [93.173.127.3]) by smtp.gmail.com with ESMTPSA id r200sm842127wmb.39.2018.04.13.12.26.15 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 13 Apr 2018 12:26:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=l8qL1DhH1cR5eZmb5/tK6tzu3Mcu9S14FRMWd2SBA8A=; b=H9MpIE6WxSC6yTJtAFAKyIvGtZhKoTHBHx9+TtS65z6MCAAzKEF+zQoyq40RDo5cSk Qqj/96Y08DgCOdbMnhtFY1jhYwKOa3p8BoPSEXGLNyLOK1n1Flnr0F8QQEnY9Z1znaq2 U4B6n/opBqcnX8pDY5FvhNjojfXPSIa7MWq4+Td1aDz1Ru4BqVGWy0qfKanx1ziX7CyI YW0dULu9sBoAj9xWYkdmc4BRXYIaTn2cH5IZ8AUvq23JmffW5V7Pi5fKe1AG0c8zNmdM DzM0fCFGcyC7m3HJXTzjIF9bSWGmim3j+2UEHzjX3XjrU9x1YUSqNNoDGkHBzJHzNc0b niLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=l8qL1DhH1cR5eZmb5/tK6tzu3Mcu9S14FRMWd2SBA8A=; b=gLF/mexdfmB0lVhIfJx8gYI1Ld/0cm182+sJQ9le4Wdi38mlszQBp2cV9kQQlTgoE0 bSsGjAvdzCdqU7BWj0evebCQhilxTdvkvMW1fr193Ol2LWVCIg3f0Dwl9mskvprBS0Hw ZAPuNOOOBJfaKuMfZhWzI4SUkHOe36ROvD4VzZjuUS0nCVnJiygiR8BZ7+y77Gjkr4/v 7A4Kq0BEd0U48njwZScMzvxmXCl7HeesQBKtOt/lIWH4UV2VxuxqyYcSJesGg62j9cb0 oGU5Rq+DrGS1WwiZCyCIwIoPPp++VO4srzWMqdPjpM+DyBvv92ieF0GEWnv5rE4dvhCf tMJg== X-Gm-Message-State: ALQs6tDjcn1y0Vi+b1A6kPEHUSn1wOUVdT+FGAbpPh7q2cI9+tW6Rt8j qi4qxY9CcF46M4Ackpk4rY10kkxn9f4= X-Google-Smtp-Source: AIpwx48KkBYOjZYkau/W3K3V08T82Az1nPo9lZPLF5LBsH8GcoY4vBz++SpnFHVwuJjJaIxdJUSbIg== X-Received: by 10.223.226.15 with SMTP id j15mr4399234wri.235.1523647577919; Fri, 13 Apr 2018 12:26:17 -0700 (PDT) From: Nir Soffer To: qemu-devel@nongnu.org Date: Fri, 13 Apr 2018 22:26:04 +0300 Message-Id: <20180413192605.2145-3-nirsof@gmail.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180413192605.2145-1-nirsof@gmail.com> References: <20180413192605.2145-1-nirsof@gmail.com> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c0c::241 Subject: [Qemu-devel] [PATCH 2/3] iotests.py: Add helper for running commands X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, Nir Soffer , qemu-block@nongnu.org, rjones@redhat.com, mreitz@redhat.com, pbonzini@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Add few helpers for running external commands: - CommandFailed: exception, keeping all the info related to a failed command, and providing a useful error message. (Unfortunately subprocess.CalledProcessError does not). - run(): run a command collecting output from the underlying process stdout and stderr, returning the command output or raising CommandFailed. These helpers will be used by new qemu-nbd tests. And later can be used to cleanup helpers for running qemu-* tools in iotests.py. Signed-off-by: Nir Soffer --- tests/qemu-iotests/iotests.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/tests/qemu-iotests/iotests.py b/tests/qemu-iotests/iotests.py index b25d48a91b..0f8abf99cb 100644 --- a/tests/qemu-iotests/iotests.py +++ b/tests/qemu-iotests/iotests.py @@ -64,6 +64,24 @@ luks_default_secret_object =3D 'secret,id=3Dkeysec0,data= =3D' + \ os.environ['IMGKEYSECRET'] luks_default_key_secret_opt =3D 'key-secret=3Dkeysec0' =20 +class CommandFailed(Exception): + + def __init__(self, cmd, rc, out, err): + self.cmd =3D cmd + self.rc =3D rc + self.out =3D out + self.err =3D err + + def __str__(self): + return ("Command {self.cmd} failed: rc=3D{self.rc}, out=3D{self.ou= t!r}, " + "err=3D{self.err!r}").format(self=3Dself) + +def run(*args): + p =3D subprocess.Popen(args, stdout=3Dsubprocess.PIPE, stderr=3Dsubpro= cess.PIPE) + out, err =3D p.communicate() + if p.returncode !=3D 0: + raise CommandFailed(args, p.returncode, out, err) + return out =20 def qemu_img(*args): '''Run qemu-img and return the exit code''' --=20 2.14.3 From nobody Thu Apr 18 11:07:34 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=gmail.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1523647826735510.9672318073616; Fri, 13 Apr 2018 12:30:26 -0700 (PDT) Received: from localhost ([::1]:48079 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f74Ov-0008QO-VY for importer@patchew.org; Fri, 13 Apr 2018 15:30:26 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:37495) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1f74L1-0005CC-DG for qemu-devel@nongnu.org; Fri, 13 Apr 2018 15:26:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1f74L0-0001zG-32 for qemu-devel@nongnu.org; Fri, 13 Apr 2018 15:26:23 -0400 Received: from mail-wr0-x242.google.com ([2a00:1450:400c:c0c::242]:38633) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1f74Kz-0001wx-TX; Fri, 13 Apr 2018 15:26:22 -0400 Received: by mail-wr0-x242.google.com with SMTP id l13so9683191wrb.5; Fri, 13 Apr 2018 12:26:21 -0700 (PDT) Received: from lean.local (93-173-127-3.bb.netvision.net.il. [93.173.127.3]) by smtp.gmail.com with ESMTPSA id r200sm842127wmb.39.2018.04.13.12.26.18 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 13 Apr 2018 12:26:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=xgwkxnxDIu7ecxkqwMajkHLgq6NE+m0M5skKXVei3K4=; b=jmbKD7A4Plc9saDqNGiLBJ/ifMy8lnV3k45woDjxKrehQAQ8UUzL3Uf5p28GhB7nbP HuBorr/JscmnLvdgQ9PZpiMfqW47zAutbLfcBEfTZUP/5Zb7MkKvrVPU93R3yU4hJWt4 9PyTK6HO9fb1hIqrAt5Pdwit86J6Gx7LD1bZluGZ36yb3XUbpzvMgN3zK79JMUIaOL7Y h3uoquC4RdcJWEmuJggAZJiPnXiSfVSRorOiov9h/7oZVphij3Dcs1OI2LzccSsU7Kfk BORKnY/QMAQgBWQc6615QOef5J+YAgSwblCFIIqlkv4jI5FEzMfA+kYHpelYUKyVG3EK U/yA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=xgwkxnxDIu7ecxkqwMajkHLgq6NE+m0M5skKXVei3K4=; b=BM6rD/TiuEAZiNhiAxBdYPTXrWKHSYcX6TKpiW2KJrtjuIOA5Vm91V8CsWkbrVrjU4 BROmru9Z20eCECR3hYvUM2cbm6oniVOKUdEWjjIMRe1dJWMO+ZDM3kAA7bhNln579y1L R4sbxER4Vkbp1pTH6TiB9CHluxGkxZIJ9ApvFnbmf3VSfmqTyV+QWkouNjVUIAtL92zM WEsU7OwDUUHV097h8lF6bLtIKlbdzMHJqpEIGFEuoL2PhNTASGJI0nIktTBsEm9Fbb29 haQCfuWJB07vSvOPPynCPO0pAfWEOTy+YTdBvqMnxit0rA4V7FVYtgHStAFmKRjt9rCa zMcQ== X-Gm-Message-State: ALQs6tCMnvhxPJGNkFA02PGWUz2rpfN9RWo02n+lkVLEuWnPGcD0gblm 1NJbx9kTr5EDaWNyD27tD0METk6KoZE= X-Google-Smtp-Source: AIpwx492HBKoRGlujPEmUc35eMdoOxXD0Wa9MQeXapvOnGfUYuusR8QkF5rFZZznyJ1aQnT9i2kpGQ== X-Received: by 10.28.207.201 with SMTP id f192mr4403045wmg.148.1523647580405; Fri, 13 Apr 2018 12:26:20 -0700 (PDT) From: Nir Soffer To: qemu-devel@nongnu.org Date: Fri, 13 Apr 2018 22:26:05 +0300 Message-Id: <20180413192605.2145-4-nirsof@gmail.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180413192605.2145-1-nirsof@gmail.com> References: <20180413192605.2145-1-nirsof@gmail.com> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c0c::242 Subject: [Qemu-devel] [PATCH 3/3] qemu-iotests: Test new qemu-nbd --nolist option X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, Nir Soffer , qemu-block@nongnu.org, rjones@redhat.com, mreitz@redhat.com, pbonzini@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Add new test module for tesing the --nolist option. Signed-off-by: Nir Soffer --- tests/qemu-iotests/214 | 46 ++++++++++++++++++++++++++++++++++++++++++= ++++ tests/qemu-iotests/214.out | 2 ++ tests/qemu-iotests/group | 1 + 3 files changed, 49 insertions(+) create mode 100755 tests/qemu-iotests/214 create mode 100644 tests/qemu-iotests/214.out diff --git a/tests/qemu-iotests/214 b/tests/qemu-iotests/214 new file mode 100755 index 0000000000..779e382070 --- /dev/null +++ b/tests/qemu-iotests/214 @@ -0,0 +1,46 @@ +#!/usr/bin/env python +# +# Test qemu-nbd compatibility with other tools. +# +# Copyright (C) 2018 Nir Soffer +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +import iotests + +iotests.verify_image_format(supported_fmts=3D['raw']) + +iotests.log('Check that listing exports is allowed by default') +disk, nbd_sock =3D iotests.file_path('disk1', 'nbd-sock1') +iotests.qemu_img_create('-f', iotests.imgfmt, disk, '1m') +iotests.qemu_nbd('-k', nbd_sock, '-f', iotests.imgfmt, '-x', 'export', dis= k) +out =3D iotests.run('nbd-client', '-l', '--unix', nbd_sock) + +assert 'export' in out.splitlines(), 'Export not in %r' % out + +iotests.log('Check that listing exports is forbidden with --nolist') +disk, nbd_sock =3D iotests.file_path('disk2', 'nbd-sock2') +iotests.qemu_img_create('-f', iotests.imgfmt, disk, '1m') +iotests.qemu_nbd('-k', nbd_sock, '-f', iotests.imgfmt, '-x', 'secret', + '--nolist', disk) + +# nbd-client fails when listing is not allowed, but lets not depend on 3rd +# party tool behavior here. +try: + out =3D iotests.run('nbd-client', '-l', '--unix', nbd_sock) + assert 'secret' not in out, 'Export in %r' % out +except iotests.CommandFailed as e: + # This text comes from qemu-nbd. + assert 'Listing exports is forbidden' in e.err, 'Unexpected error: %s'= % e diff --git a/tests/qemu-iotests/214.out b/tests/qemu-iotests/214.out new file mode 100644 index 0000000000..dae61b5a57 --- /dev/null +++ b/tests/qemu-iotests/214.out @@ -0,0 +1,2 @@ +Check that listing exports is allowed by default +Check that listing exports is forbidden with --nolist diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group index 52a80f3f9e..a820dcb91f 100644 --- a/tests/qemu-iotests/group +++ b/tests/qemu-iotests/group @@ -212,3 +212,4 @@ 211 rw auto quick 212 rw auto quick 213 rw auto quick +214 rw auto quick --=20 2.14.3