From nobody Sat Feb  7 10:07:53 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1505522997007156.4743959128101;
 Fri, 15 Sep 2017 17:49:57 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
 [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id AF6BF356F8;
	Sat, 16 Sep 2017 00:49:55 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 510E57F1B8;
	Sat, 16 Sep 2017 00:49:55 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 550E0410B4;
	Sat, 16 Sep 2017 00:49:54 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
	[10.5.11.14])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v8G0UPCF013116 for <libvir-list@listman.util.phx.redhat.com>;
	Fri, 15 Sep 2017 20:30:25 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id B31C518179; Sat, 16 Sep 2017 00:30:25 +0000 (UTC)
Received: from localhost.localdomain.com (ovpn-116-172.phx2.redhat.com
	[10.3.116.172])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 7AB16179FF
	for <libvir-list@redhat.com>; Sat, 16 Sep 2017 00:30:25 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com AF6BF356F8
Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com;
 dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com;
 spf=fail smtp.mailfrom=libvir-list-bounces@redhat.com
From: John Ferlan <jferlan@redhat.com>
To: libvir-list@redhat.com
Date: Fri, 15 Sep 2017 20:30:06 -0400
Message-Id: <20170916003017.32502-4-jferlan@redhat.com>
In-Reply-To: <20170916003017.32502-1-jferlan@redhat.com>
References: <20170916003017.32502-1-jferlan@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v2 03/14] conf: Add/Allow parsing the auth in the
	disk source
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]);
 Sat, 16 Sep 2017 00:49:56 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Since the virStorageAuthDefPtr auth; is a member of _virStorageSource
it really should be allowed to be a subelement of the disk <source>
for the RBD and iSCSI prototcols. That way we can set up to allow
the <auth> element to be formatted within the disk source.

For now just allow the format in the RNG and read it in domain_conf.

Modify the qemuxml2argvtest to add a parse failure when there is an
<auth> as a child of <disk> *and* an <auth> as a child of <source>.

The virschematest will read the new test files and validate from a
RNG viewpoint things are fine

Signed-off-by: John Ferlan <jferlan@redhat.com>
---
 docs/schemas/domaincommon.rng                      | 20 +++++++-
 src/conf/domain_conf.c                             | 53 ++++++++++++++++++=
++--
 ...v-disk-drive-network-iscsi-source-auth-both.xml | 36 +++++++++++++++
 ...l2argv-disk-drive-network-iscsi-source-auth.xml | 43 ++++++++++++++++++
 ...rgv-disk-drive-network-rbd-source-auth-both.xml | 45 ++++++++++++++++++
 ...xml2argv-disk-drive-network-rbd-source-auth.xml | 42 +++++++++++++++++
 tests/qemuxml2argvtest.c                           |  2 +
 7 files changed, 237 insertions(+), 4 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-=
iscsi-source-auth-both.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-=
iscsi-source-auth.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-=
rbd-source-auth-both.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-=
rbd-source-auth.xml

diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index c9a4f7a9a..139f1eea2 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -1578,11 +1578,29 @@
             <empty/>
           </element>
         </optional>
+        <optional>
+          <ref name=3D"diskAuth"/>
+        </optional>
         <empty/>
       </interleave>
     </element>
   </define>
=20
+  <define name=3D"diskSourceNetworkProtocolISCSI">
+    <element name=3D"source">
+      <attribute name=3D"protocol">
+        <choice>
+          <value>iscsi</value>
+        </choice>
+      </attribute>
+      <attribute name=3D"name"/>
+      <ref name=3D"diskSourceNetworkHost"/>
+      <optional>
+        <ref name=3D"diskAuth"/>
+      </optional>
+    </element>
+  </define>
+
   <define name=3D"diskSourceNetworkProtocolHTTP">
     <element name=3D"source">
       <attribute name=3D"protocol">
@@ -1601,7 +1619,6 @@
       <attribute name=3D"protocol">
         <choice>
           <value>sheepdog</value>
-          <value>iscsi</value>
           <value>ftp</value>
           <value>ftps</value>
           <value>tftp</value>
@@ -1644,6 +1661,7 @@
       <ref name=3D"diskSourceNetworkProtocolNBD"/>
       <ref name=3D"diskSourceNetworkProtocolGluster"/>
       <ref name=3D"diskSourceNetworkProtocolRBD"/>
+      <ref name=3D"diskSourceNetworkProtocolISCSI"/>
       <ref name=3D"diskSourceNetworkProtocolHTTP"/>
       <ref name=3D"diskSourceNetworkProtocolSimple"/>
     </choice>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 8dca1357c..5c0218cdf 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8107,6 +8107,29 @@ virDomainDiskSourcePoolDefParse(xmlNodePtr node,
 }
=20
=20
+static int
+virDomainDiskSourceAuthParse(xmlNodePtr node,
+                             virStorageAuthDefPtr *authdefsrc)
+{
+    xmlNodePtr child;
+    virStorageAuthDefPtr authdef;
+
+    for (child =3D node->children; child; child =3D child->next) {
+        if (child->type =3D=3D XML_ELEMENT_NODE &&
+            virXMLNodeNameEqual(child, "auth")) {
+
+            if (!(authdef =3D virStorageAuthDefParse(node->doc, child)))
+                return -1;
+
+            *authdefsrc =3D authdef;
+            return 0;
+        }
+    }
+
+    return 0;
+}
+
+
 int
 virDomainDiskSourceParse(xmlNodePtr node,
                          xmlXPathContextPtr ctxt,
@@ -8193,6 +8216,9 @@ virDomainDiskSourceParse(xmlNodePtr node,
         goto cleanup;
     }
=20
+    if (virDomainDiskSourceAuthParse(node, &src->auth) < 0)
+        goto cleanup;
+
     /* People sometimes pass a bogus '' source path when they mean to omit=
 the
      * source element completely (e.g. CDROM without media). This is just a
      * little compatibility check to help those broken apps */
@@ -8770,6 +8796,7 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
     char *serial =3D NULL;
     char *startupPolicy =3D NULL;
     virStorageAuthDefPtr authdef =3D NULL;
+    bool diskAuth =3D false;
     char *tray =3D NULL;
     char *removable =3D NULL;
     char *logical_block_size =3D NULL;
@@ -8819,6 +8846,16 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlop=
t,
             if (virDomainDiskSourceParse(cur, ctxt, def->src) < 0)
                 goto error;
=20
+            /* If we've already found an <auth> as a child of <disk> and
+             * we find one as a child of <source>, then force an error to
+             * avoid ambiguity */
+            if (diskAuth && def->src->auth) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("an <auth> definition already found for "
+                                 "the <disk> definition"));
+                goto error;
+            }
+
             source =3D true;
=20
             startupPolicy =3D virXMLPropString(cur, "startupPolicy");
@@ -8874,10 +8911,20 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlo=
pt,
                    !(flags & VIR_DOMAIN_DEF_PARSE_INACTIVE)) {
             if (virDomainDiskDefMirrorParse(def, cur, ctxt) < 0)
                 goto error;
-        } else if (!authdef &&
+        } else if (!diskAuth &&
                    virXMLNodeNameEqual(cur, "auth")) {
+            diskAuth =3D true;
             if (!(authdef =3D virStorageAuthDefParse(node->doc, cur)))
                 goto error;
+
+            /* If we've already parsed <source> and found an <auth> child,
+             * then generate an error to avoid ambiguity */
+            if (source && def->src->auth) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("an <auth> definition already found for "
+                                 "disk source"));
+                goto error;
+            }
         } else if (virXMLNodeNameEqual(cur, "iotune")) {
             if (virDomainDiskDefIotuneParse(def, ctxt) < 0)
                 goto error;
@@ -9111,8 +9158,8 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
=20
     def->dst =3D target;
     target =3D NULL;
-    def->src->auth =3D authdef;
-    authdef =3D NULL;
+    if (diskAuth)
+        VIR_STEAL_PTR(def->src->auth, authdef);
     def->src->encryption =3D encryption;
     encryption =3D NULL;
     def->domain_name =3D domain_name;
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-s=
ource-auth-both.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-networ=
k-iscsi-source-auth-both.xml
new file mode 100644
index 000000000..9f14f489f
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-source-a=
uth-both.xml
@@ -0,0 +1,36 @@
+<domain type=3D'qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit=3D'KiB'>219136</memory>
+  <currentMemory unit=3D'KiB'>219136</currentMemory>
+  <vcpu placement=3D'static'>1</vcpu>
+  <os>
+    <type arch=3D'i686' machine=3D'pc'>hvm</type>
+    <boot dev=3D'hd'/>
+  </os>
+  <clock offset=3D'utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-i686</emulator>
+    <disk type=3D'network' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'raw'/>
+      <auth username=3D'myname'>
+        <secret type=3D'iscsi' usage=3D'mycluster_myname'/>
+      </auth>
+      <source protocol=3D'iscsi' name=3D'iqn.1992-01.com.example:storage/1=
'>
+        <host name=3D'example.org' port=3D'6000'/>
+        <auth username=3D'myname'>
+          <secret type=3D'iscsi' usage=3D'mycluster_myname'/>
+        </auth>
+      </source>
+      <target dev=3D'vda' bus=3D'virtio'/>
+    </disk>
+    <controller type=3D'usb' index=3D'0'/>
+    <controller type=3D'pci' index=3D'0' model=3D'pci-root'/>
+    <input type=3D'mouse' bus=3D'ps2'/>
+    <input type=3D'keyboard' bus=3D'ps2'/>
+    <memballoon model=3D'none'/>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-s=
ource-auth.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-isc=
si-source-auth.xml
new file mode 100644
index 000000000..af2d51fe9
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-source-a=
uth.xml
@@ -0,0 +1,43 @@
+<domain type=3D'qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit=3D'KiB'>219136</memory>
+  <currentMemory unit=3D'KiB'>219136</currentMemory>
+  <vcpu placement=3D'static'>1</vcpu>
+  <os>
+    <type arch=3D'i686' machine=3D'pc'>hvm</type>
+    <boot dev=3D'hd'/>
+  </os>
+  <clock offset=3D'utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-i686</emulator>
+    <disk type=3D'network' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'raw'/>
+      <source protocol=3D'iscsi' name=3D'iqn.1992-01.com.example:storage/1=
'>
+        <host name=3D'example.org' port=3D'6000'/>
+        <auth username=3D'myname'>
+          <secret type=3D'iscsi' usage=3D'mycluster_myname'/>
+        </auth>
+      </source>
+      <target dev=3D'vda' bus=3D'virtio'/>
+    </disk>
+    <disk type=3D'network' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'raw'/>
+      <source protocol=3D'iscsi' name=3D'iqn.1992-01.com.example:storage/2=
'>
+        <host name=3D'example.org' port=3D'6000'/>
+        <auth username=3D'myname'>
+          <secret type=3D'iscsi' usage=3D'mycluster_myname'/>
+        </auth>
+      </source>
+      <target dev=3D'vdb' bus=3D'virtio'/>
+    </disk>
+    <controller type=3D'usb' index=3D'0'/>
+    <controller type=3D'pci' index=3D'0' model=3D'pci-root'/>
+    <input type=3D'mouse' bus=3D'ps2'/>
+    <input type=3D'keyboard' bus=3D'ps2'/>
+    <memballoon model=3D'none'/>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-sou=
rce-auth-both.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-=
rbd-source-auth-both.xml
new file mode 100644
index 000000000..62a781cd3
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-source-aut=
h-both.xml
@@ -0,0 +1,45 @@
+<domain type=3D'qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit=3D'KiB'>219136</memory>
+  <currentMemory unit=3D'KiB'>219136</currentMemory>
+  <vcpu placement=3D'static'>1</vcpu>
+  <os>
+    <type arch=3D'i686' machine=3D'pc'>hvm</type>
+    <boot dev=3D'hd'/>
+  </os>
+  <clock offset=3D'utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-i686</emulator>
+    <disk type=3D'block' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'raw'/>
+      <source dev=3D'/dev/HostVG/QEMUGuest1'/>
+      <target dev=3D'hda' bus=3D'ide'/>
+      <address type=3D'drive' controller=3D'0' bus=3D'0' target=3D'0' unit=
=3D'0'/>
+    </disk>
+    <disk type=3D'network' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'raw'/>
+      <auth username=3D'myname'>
+        <secret type=3D'ceph' usage=3D'mycluster_myname'/>
+      </auth>
+      <source protocol=3D'rbd' name=3D'pool/image'>
+        <host name=3D'mon1.example.org' port=3D'6321'/>
+        <host name=3D'mon2.example.org' port=3D'6322'/>
+        <host name=3D'mon3.example.org' port=3D'6322'/>
+        <auth username=3D'myname'>
+          <secret type=3D'ceph' usage=3D'mycluster_myname'/>
+        </auth>
+      </source>
+      <target dev=3D'vda' bus=3D'virtio'/>
+    </disk>
+    <controller type=3D'usb' index=3D'0'/>
+    <controller type=3D'ide' index=3D'0'/>
+    <controller type=3D'pci' index=3D'0' model=3D'pci-root'/>
+    <input type=3D'mouse' bus=3D'ps2'/>
+    <input type=3D'keyboard' bus=3D'ps2'/>
+    <memballoon model=3D'none'/>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-sou=
rce-auth.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-s=
ource-auth.xml
new file mode 100644
index 000000000..d25e4148b
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-source-aut=
h.xml
@@ -0,0 +1,42 @@
+<domain type=3D'qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit=3D'KiB'>219136</memory>
+  <currentMemory unit=3D'KiB'>219136</currentMemory>
+  <vcpu placement=3D'static'>1</vcpu>
+  <os>
+    <type arch=3D'i686' machine=3D'pc'>hvm</type>
+    <boot dev=3D'hd'/>
+  </os>
+  <clock offset=3D'utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-i686</emulator>
+    <disk type=3D'block' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'raw'/>
+      <source dev=3D'/dev/HostVG/QEMUGuest1'/>
+      <target dev=3D'hda' bus=3D'ide'/>
+      <address type=3D'drive' controller=3D'0' bus=3D'0' target=3D'0' unit=
=3D'0'/>
+    </disk>
+    <disk type=3D'network' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'raw'/>
+      <source protocol=3D'rbd' name=3D'pool/image'>
+        <host name=3D'mon1.example.org' port=3D'6321'/>
+        <host name=3D'mon2.example.org' port=3D'6322'/>
+        <host name=3D'mon3.example.org' port=3D'6322'/>
+        <auth username=3D'myname'>
+          <secret type=3D'ceph' usage=3D'mycluster_myname'/>
+        </auth>
+      </source>
+      <target dev=3D'vda' bus=3D'virtio'/>
+    </disk>
+    <controller type=3D'usb' index=3D'0'/>
+    <controller type=3D'ide' index=3D'0'/>
+    <controller type=3D'pci' index=3D'0' model=3D'pci-root'/>
+    <input type=3D'mouse' bus=3D'ps2'/>
+    <input type=3D'keyboard' bus=3D'ps2'/>
+    <memballoon model=3D'none'/>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index c8c479cbd..d16b3b7b8 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -919,6 +919,8 @@ mymain(void)
     DO_TEST("disk-drive-network-iscsi-auth", NONE);
     DO_TEST_PARSE_ERROR("disk-drive-network-iscsi-auth-secrettype-invalid"=
, NONE);
     DO_TEST_PARSE_ERROR("disk-drive-network-iscsi-auth-wrong-secrettype", =
NONE);
+    DO_TEST_PARSE_ERROR("disk-drive-network-iscsi-source-auth-both", NONE);
+    DO_TEST_PARSE_ERROR("disk-drive-network-rbd-source-auth-both", NONE);
     DO_TEST("disk-drive-network-iscsi-lun",
             QEMU_CAPS_NODEFCONFIG, QEMU_CAPS_VIRTIO_SCSI,
             QEMU_CAPS_SCSI_BLOCK);
--=20
2.13.5

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list