From nobody Fri Apr 19 21:53:27 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1543955592998532.9556848852019; Tue, 4 Dec 2018 12:33:12 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 90E5F307D96B; Tue, 4 Dec 2018 20:33:09 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B93AE60BE5; Tue, 4 Dec 2018 20:33:07 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 47A2918005AF; Tue, 4 Dec 2018 20:33:04 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id wB4KX1VK028076 for ; Tue, 4 Dec 2018 15:33:01 -0500 Received: by smtp.corp.redhat.com (Postfix) id EB3364510; Tue, 4 Dec 2018 20:33:01 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-116-18.phx2.redhat.com [10.3.116.18]) by smtp.corp.redhat.com (Postfix) with ESMTP id AB5F74505 for ; Tue, 4 Dec 2018 20:32:56 +0000 (UTC) From: John Ferlan To: libvir-list@redhat.com Date: Tue, 4 Dec 2018 15:32:54 -0500 Message-Id: <20181204203254.6808-1-jferlan@redhat.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH] secret: Add check/validation for correct usage when LookupByUUID X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.48]); Tue, 04 Dec 2018 20:33:11 +0000 (UTC) Content-Type: text/plain; charset="utf-8" If virSecretGetSecretString is using by secretLookupByUUID, then it's possible the found sec->usageType doesn't match the desired @secretUsageType. If this occurs for the encrypted volume creation processing and a subsequent pool refresh is executed, then the secret used to create the volume will not be found by the storageBackendLoadDefaultSecrets which expects to find secrets by VIR_SECRET_USAGE_TYPE_VOLUME. Add a check to virSecretGetSecretString to avoid the possibility along with an error indicating the incorrect matched types. Signed-off-by: John Ferlan --- If someone has an idea regarding how the usage could be filled in "properly" for the qemuxml2argvtest, I'm willing to give it a shot. However, fair warning trying to "mock" for tls, volume, iscsi, and ceph could be rather painful. Thus the NONE was the well, easiest way to go since the stored secret (ahem) shouldn't be of usageType "none" (famous last words). src/secret/secret_util.c | 17 +++++++++++++++++ tests/qemuxml2argvtest.c | 4 +++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/src/secret/secret_util.c b/src/secret/secret_util.c index 16e43ab2cc..27e164a425 100644 --- a/src/secret/secret_util.c +++ b/src/secret/secret_util.c @@ -71,6 +71,23 @@ virSecretGetSecretString(virConnectPtr conn, if (!sec) goto cleanup; =20 + /* NB: NONE is a byproduct of the qemuxml2argvtest test mocking + * for UUID lookups. Normal secret XML processing would fail if + * the usage type was NONE and since we have no way to set the + * expected usage in that environment, let's just accept NONE */ + if (sec->usageType !=3D VIR_SECRET_USAGE_TYPE_NONE && + sec->usageType !=3D secretUsageType) { + char uuidstr[VIR_UUID_STRING_BUFLEN]; + + virUUIDFormat(seclookupdef->u.uuid, uuidstr); + virReportError(VIR_ERR_INVALID_ARG, + _("secret with uuid %s is of type '%s' not " + "expected '%s' type"), + uuidstr, virSecretUsageTypeToString(sec->usageType), + virSecretUsageTypeToString(secretUsageType)); + goto cleanup; + } + *secret =3D conn->secretDriver->secretGetValue(sec, secret_size, 0, VIR_SECRET_GET_VALUE_INTE= RNAL_CALL); =20 diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index e17709e7e1..700868ca0b 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -77,7 +77,9 @@ static virSecretPtr fakeSecretLookupByUUID(virConnectPtr conn, const unsigned char *uuid) { - return virGetSecret(conn, uuid, 0, ""); + /* NB: This mocked value could be "tls" or "volume" depending on + * which test is being run, we'll leave at NONE (or 0) */ + return virGetSecret(conn, uuid, VIR_SECRET_USAGE_TYPE_NONE, ""); } =20 static virSecretDriver fakeSecretDriver =3D { --=20 2.17.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list