From nobody Sat May 4 09:32:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1550179786947627.7038155430104; Thu, 14 Feb 2019 13:29:46 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id EDC83CD660; Thu, 14 Feb 2019 21:29:44 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BB6EE1019601; Thu, 14 Feb 2019 21:29:44 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6A8DE3F608; Thu, 14 Feb 2019 21:29:44 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x1ELTLZV003066 for ; Thu, 14 Feb 2019 16:29:21 -0500 Received: by smtp.corp.redhat.com (Postfix) id 871261019601; Thu, 14 Feb 2019 21:29:21 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-127.phx2.redhat.com [10.3.116.127]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3E8EA1001F5E; Thu, 14 Feb 2019 21:29:21 +0000 (UTC) From: Eric Blake To: libvir-list@redhat.com Date: Thu, 14 Feb 2019 15:29:12 -0600 Message-Id: <20190214212916.25180-2-eblake@redhat.com> In-Reply-To: <20190214212916.25180-1-eblake@redhat.com> References: <20190214212916.25180-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 1/5] domain: Fix unknown flags diagnosis in virDomainGetXMLDesc X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Thu, 14 Feb 2019 21:29:45 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Many drivers had a comment that they did not validate the incoming 'flags' to virDomainGetXMLDesc() because they were relying on virDomainDefFormat() to do it instead. This used to be the case, but regressed in commit 0ecd6851 (1.2.12), when all of the drivers were changed to pass 'flags' through the new helper virDomainDefFormatConvertXMLFlags(). Since this helper silently ignores unknown flags, we need to implement flag checking in each driver instead. Annoyingly, this means that any new flag values added will silently be ignored when targeting an older libvirt, rather than our usual practice of loudly diagnosing an unsupported flag. We'll have to be extra vigilant that any future added flags do not cause a security hole when sent from a newer libvirt client that expects the flag to do one thing, but where the older server silently ignores it instead. Signed-off-by: Eric Blake Reviewed-by: John Ferlan --- src/conf/domain_conf.h | 3 +++ src/bhyve/bhyve_driver.c | 2 ++ src/conf/domain_conf.c | 2 ++ src/esx/esx_driver.c | 2 +- src/hyperv/hyperv_driver.c | 2 +- src/libxl/libxl_driver.c | 2 +- src/lxc/lxc_driver.c | 2 +- src/openvz/openvz_driver.c | 2 +- src/phyp/phyp_driver.c | 2 +- src/qemu/qemu_driver.c | 3 ++- src/test/test_driver.c | 2 +- src/vbox/vbox_common.c | 2 +- src/vmware/vmware_driver.c | 2 +- src/vz/vz_driver.c | 2 +- 14 files changed, 19 insertions(+), 11 deletions(-) diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 2bc3f879f7..324fc247b6 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -3110,6 +3110,9 @@ virDomainIOThreadIDDefPtr virDomainIOThreadIDAdd(virD= omainDefPtr def, unsigned int iothread_id); void virDomainIOThreadIDDel(virDomainDefPtr def, unsigned int iothread_id); +# define VIR_DOMAIN_XML_COMMON_FLAGS \ + (VIR_DOMAIN_XML_SECURE | VIR_DOMAIN_XML_INACTIVE | \ + VIR_DOMAIN_XML_MIGRATABLE) unsigned int virDomainDefFormatConvertXMLFlags(unsigned int flags); char *virDomainDefFormat(virDomainDefPtr def, diff --git a/src/bhyve/bhyve_driver.c b/src/bhyve/bhyve_driver.c index 912797cfcf..3e192284cc 100644 --- a/src/bhyve/bhyve_driver.c +++ b/src/bhyve/bhyve_driver.c @@ -484,6 +484,8 @@ bhyveDomainGetXMLDesc(virDomainPtr domain, unsigned int= flags) virCapsPtr caps =3D NULL; char *ret =3D NULL; + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); + if (!(vm =3D bhyveDomObjFromDomain(domain))) goto cleanup; diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 5d49f4388c..37bbf211c5 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -28996,6 +28996,8 @@ virDomainDefFormatInternal(virDomainDefPtr def, return -1; } +/* Converts VIR_DOMAIN_XML_COMMON_FLAGS into VIR_DOMAIN_DEF_FORMAT_* flags, + * and silently ignores any other flags. */ unsigned int virDomainDefFormatConvertXMLFlags(unsigned int flags) { unsigned int formatFlags =3D 0; diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c index b1af646155..379c2bae73 100644 --- a/src/esx/esx_driver.c +++ b/src/esx/esx_driver.c @@ -2604,7 +2604,7 @@ esxDomainGetXMLDesc(virDomainPtr domain, unsigned int= flags) virDomainDefPtr def =3D NULL; char *xml =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); memset(&data, 0, sizeof(data)); diff --git a/src/hyperv/hyperv_driver.c b/src/hyperv/hyperv_driver.c index f41cd1c939..0e2c6c55ef 100644 --- a/src/hyperv/hyperv_driver.c +++ b/src/hyperv/hyperv_driver.c @@ -754,7 +754,7 @@ hypervDomainGetXMLDesc(virDomainPtr domain, unsigned in= t flags) Msvm_ProcessorSettingData *processorSettingData =3D NULL; Msvm_MemorySettingData *memorySettingData =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); if (!(def =3D virDomainDefNew())) goto cleanup; diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c index 7981ccaf21..31b842aeee 100644 --- a/src/libxl/libxl_driver.c +++ b/src/libxl/libxl_driver.c @@ -2621,7 +2621,7 @@ libxlDomainGetXMLDesc(virDomainPtr dom, unsigned int = flags) virDomainDefPtr def; char *ret =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); if (!(vm =3D libxlDomObjFromDomain(dom))) goto cleanup; diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index c48f6d9067..516a6b4de3 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -987,7 +987,7 @@ static char *lxcDomainGetXMLDesc(virDomainPtr dom, virDomainObjPtr vm; char *ret =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); if (!(vm =3D lxcDomObjFromDomain(dom))) goto cleanup; diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c index 06950ce9ed..39eeb2c12e 100644 --- a/src/openvz/openvz_driver.c +++ b/src/openvz/openvz_driver.c @@ -519,7 +519,7 @@ static char *openvzDomainGetXMLDesc(virDomainPtr dom, u= nsigned int flags) { virDomainObjPtr vm; char *ret =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); if (!(vm =3D openvzDomObjFromDomain(driver, dom->uuid))) return NULL; diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c index dc082b1d08..e54799dbb4 100644 --- a/src/phyp/phyp_driver.c +++ b/src/phyp/phyp_driver.c @@ -3214,7 +3214,7 @@ phypDomainGetXMLDesc(virDomainPtr dom, unsigned int f= lags) unsigned long long memory; unsigned int vcpus; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); memset(&def, 0, sizeof(virDomainDef)); diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 971f915619..b039675d1a 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -7342,7 +7342,8 @@ static char virDomainObjPtr vm; char *ret =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS | VIR_DOMAIN_XML_UPDATE_CPU, + NULL); if (!(vm =3D qemuDomObjFromDomain(dom))) goto cleanup; diff --git a/src/test/test_driver.c b/src/test/test_driver.c index c1faff46ff..cde9e3d417 100644 --- a/src/test/test_driver.c +++ b/src/test/test_driver.c @@ -2628,7 +2628,7 @@ static char *testDomainGetXMLDesc(virDomainPtr domain= , unsigned int flags) virDomainObjPtr privdom; char *ret =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); if (!(privdom =3D testDomObjFromDomain(domain))) return NULL; diff --git a/src/vbox/vbox_common.c b/src/vbox/vbox_common.c index 664650f217..d95fe7c7ae 100644 --- a/src/vbox/vbox_common.c +++ b/src/vbox/vbox_common.c @@ -4052,7 +4052,7 @@ static char *vboxDomainGetXMLDesc(virDomainPtr dom, u= nsigned int flags) if (!data->vboxObj) return ret; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); if (openSessionForMachine(data, dom->uuid, &iid, &machine) < 0) goto cleanup; diff --git a/src/vmware/vmware_driver.c b/src/vmware/vmware_driver.c index f94b3252fe..f4b0989afd 100644 --- a/src/vmware/vmware_driver.c +++ b/src/vmware/vmware_driver.c @@ -932,7 +932,7 @@ vmwareDomainGetXMLDesc(virDomainPtr dom, unsigned int f= lags) virDomainObjPtr vm; char *ret =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); if (!(vm =3D vmwareDomObjFromDomain(driver, dom->uuid))) return NULL; diff --git a/src/vz/vz_driver.c b/src/vz/vz_driver.c index b22a44d6ad..f99ade82b6 100644 --- a/src/vz/vz_driver.c +++ b/src/vz/vz_driver.c @@ -724,7 +724,7 @@ vzDomainGetXMLDesc(virDomainPtr domain, unsigned int fl= ags) virDomainObjPtr dom; char *ret =3D NULL; - /* Flags checked by virDomainDefFormat */ + virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS, NULL); if (!(dom =3D vzDomObjFromDomain(domain))) return NULL; --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sat May 4 09:32:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 15501797709251005.6391434952559; Thu, 14 Feb 2019 13:29:30 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 890007C84D; Thu, 14 Feb 2019 21:29:28 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 310525C54B; Thu, 14 Feb 2019 21:29:27 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 72BF0181A00C; Thu, 14 Feb 2019 21:29:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x1ELTOEL003086 for ; Thu, 14 Feb 2019 16:29:24 -0500 Received: by smtp.corp.redhat.com (Postfix) id 267B21019601; Thu, 14 Feb 2019 21:29:24 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-127.phx2.redhat.com [10.3.116.127]) by smtp.corp.redhat.com (Postfix) with ESMTP id A4F5010027DA; Thu, 14 Feb 2019 21:29:21 +0000 (UTC) From: Eric Blake To: libvir-list@redhat.com Date: Thu, 14 Feb 2019 15:29:13 -0600 Message-Id: <20190214212916.25180-3-eblake@redhat.com> In-Reply-To: <20190214212916.25180-1-eblake@redhat.com> References: <20190214212916.25180-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 2/5] qemu: Use correct domain xml flag X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Thu, 14 Feb 2019 21:29:29 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Although VIR_DOMAIN_DEF_FORMAT_INACTIVE and VIR_DOMAIN_XML_INACTIVE happen to have the same value (1<<1), they come from different enums; and it is nicer to reason about a 'flags' variable if all uses of that variable are compared against the same enum type. Messed up in commit 06f75ff2 (3.8.0). Signed-off-by: Eric Blake Reviewed-by: John Ferlan --- src/qemu/qemu_driver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index b039675d1a..2458343a86 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -7360,7 +7360,7 @@ static char * ignore the VIR_DOMAIN_XML_UPDATE_CPU flag. */ if (virDomainObjIsActive(vm) && - !(flags & VIR_DOMAIN_DEF_FORMAT_INACTIVE)) + !(flags & VIR_DOMAIN_XML_INACTIVE)) flags &=3D ~VIR_DOMAIN_XML_UPDATE_CPU; ret =3D qemuDomainFormatXML(driver, vm, flags); --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sat May 4 09:32:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1550179770845472.998017007523; Thu, 14 Feb 2019 13:29:30 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1BFC82DA998; Thu, 14 Feb 2019 21:29:28 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 379671001F5E; Thu, 14 Feb 2019 21:29:27 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id AE8193F603; Thu, 14 Feb 2019 21:29:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x1ELTOhS003092 for ; Thu, 14 Feb 2019 16:29:24 -0500 Received: by smtp.corp.redhat.com (Postfix) id 85B061001F5E; Thu, 14 Feb 2019 21:29:24 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-127.phx2.redhat.com [10.3.116.127]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4353C1019601; Thu, 14 Feb 2019 21:29:24 +0000 (UTC) From: Eric Blake To: libvir-list@redhat.com Date: Thu, 14 Feb 2019 15:29:14 -0600 Message-Id: <20190214212916.25180-4-eblake@redhat.com> In-Reply-To: <20190214212916.25180-1-eblake@redhat.com> References: <20190214212916.25180-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 3/5] domain: Document VIR_DOMAIN_XML_MIGRATABLE X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Thu, 14 Feb 2019 21:29:29 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Commit 28f8dfdc (1.0.0) added a flag to virDomainGetXMLDesc, but failed to document its effects. Signed-off-by: Eric Blake Reviewed-by: John Ferlan --- src/libvirt-domain.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c index 54ca18f249..6158382d07 100644 --- a/src/libvirt-domain.c +++ b/src/libvirt-domain.c @@ -2559,7 +2559,13 @@ virDomainGetControlInfo(virDomainPtr domain, * currently running domain. If @flags contains * VIR_DOMAIN_XML_UPDATE_CPU, then the portion of the domain XML * describing CPU capabilities is modified to match actual - * capabilities of the host. + * capabilities of the host. If @flags contains VIR_DOMAIN_XML_MIGRATABLE, + * the XML is altered to trim redundant information that might interfere + * with migration to an older version of libvirt, as well as expose additi= onal + * information internal to libvirt; this flag is rejected on read-only + * connections, and the resulting XML might not validate against the schem= a, + * but it can serve as a starting point for custom XML in calls such as + * virDomainMigrate2(). * * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of e= rror. * the caller must free() the returned value. --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sat May 4 09:32:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 155017979090862.54006573732636; Thu, 14 Feb 2019 13:29:50 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C2DC68AE79; Thu, 14 Feb 2019 21:29:48 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 85A355D6B6; Thu, 14 Feb 2019 21:29:48 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 3838A181A048; Thu, 14 Feb 2019 21:29:48 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x1ELTOAk003097 for ; Thu, 14 Feb 2019 16:29:25 -0500 Received: by smtp.corp.redhat.com (Postfix) id EC3DD1001F5E; Thu, 14 Feb 2019 21:29:24 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-127.phx2.redhat.com [10.3.116.127]) by smtp.corp.redhat.com (Postfix) with ESMTP id A5EDB10027DA; Thu, 14 Feb 2019 21:29:24 +0000 (UTC) From: Eric Blake To: libvir-list@redhat.com Date: Thu, 14 Feb 2019 15:29:15 -0600 Message-Id: <20190214212916.25180-5-eblake@redhat.com> In-Reply-To: <20190214212916.25180-1-eblake@redhat.com> References: <20190214212916.25180-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 4/5] domain: Define explicit flags for saved image xml X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Thu, 14 Feb 2019 21:29:49 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Commit d2a929d4 (0.9.4) defined virDomainSaveImageGetXMLDesc()'s use of @flags as a subset of virDomainXMLFlags, documenting that 2 of the 3 flags defined at the time would never be valid. Later, commit 28f8dfdc (1.0.0) introduced a new flag, VIR_DOMAIN_XML_MIGRATABLE, but did not adjust the save image documentation to declare it as invalid. Later, commit a67e3872 (3.7.0) blindly copied and pasted the same text into virDomainManagedSaveGetXMLDesc. However, since the flag is not accepted as valid by any of the drivers (remote is just passthrough; and qemu is the only supporting driver for either API, with support for just VIR_DOMAIN_XML_SECURE), it is easier to just define an explicit set of supported flags directly related to the save image API rather than trying to borrow from live domain API, and risking confusion if even more domain flags are added later (in fact, I have an upcoming patch that plans to add a new flag to virDomainGetXMLDesc that makes no sense for saved images). We may someday decide that saved images need to support the _MIGRATABLE flag, as it is possible to load a saved image with a different version of libvirt than the one that created it, but that can be a separate patch if it is ever needed. Meanwhile, it DOES make sense to reuse the same flags for SaveImage and for ManagedSave (since ManagedSave is really just sugar for creating a normal SaveImage in a location controlled by libvirt instead of by the user). There is no API or ABI impact (since we purposefully used unsigned int rather than an enum type in public API, and since the new flag name carries the same value as the old reused name). Signed-off-by: Eric Blake Reviewed-by: John Ferlan --- include/libvirt/libvirt-domain.h | 5 +++++ src/libvirt-domain.c | 14 ++++++-------- src/qemu/qemu_driver.c | 4 ++-- src/remote/remote_protocol.x | 4 ++-- 4 files changed, 15 insertions(+), 12 deletions(-) diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-dom= ain.h index d82c75a9d9..1d5bdb545d 100644 --- a/include/libvirt/libvirt-domain.h +++ b/include/libvirt/libvirt-domain.h @@ -1219,6 +1219,7 @@ int virDomainRestoreFlags (virC= onnectPtr conn, const char *dxml, unsigned int flags); +/* See below for virDomainSaveImageXMLFlags */ char * virDomainSaveImageGetXMLDesc (virConnectPtr conn, const char *file, unsigned int flags); @@ -1571,6 +1572,10 @@ typedef enum { VIR_DOMAIN_XML_MIGRATABLE =3D (1 << 3), /* dump XML suitable for mig= ration */ } virDomainXMLFlags; +typedef enum { + VIR_DOMAIN_SAVE_IMAGE_XML_SECURE =3D VIR_DOMAIN_XML_SECURE, /*= dump security sensitive information too */ +} virDomainSaveImageXMLFlags; + char * virDomainGetXMLDesc (virDomainPtr domain, unsigned int flags); diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c index 6158382d07..4528cab0e2 100644 --- a/src/libvirt-domain.c +++ b/src/libvirt-domain.c @@ -1066,16 +1066,15 @@ virDomainRestoreFlags(virConnectPtr conn, const cha= r *from, const char *dxml, * virDomainSaveImageGetXMLDesc: * @conn: pointer to the hypervisor connection * @file: path to saved state file - * @flags: bitwise-OR of subset of virDomainXMLFlags + * @flags: bitwise-OR of supported virDomainSaveImageXMLFlags * * This method will extract the XML describing the domain at the time * a saved state file was created. @file must be a file created * previously by virDomainSave() or virDomainSaveFlags(). * * No security-sensitive data will be included unless @flags contains - * VIR_DOMAIN_XML_SECURE; this flag is rejected on read-only - * connections. For this API, @flags should not contain either - * VIR_DOMAIN_XML_INACTIVE or VIR_DOMAIN_XML_UPDATE_CPU. + * VIR_DOMAIN_SAVE_IMAGE_XML_SECURE; this flag is rejected on read-only + * connections. * * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of * error. The caller must free() the returned value. @@ -9483,15 +9482,14 @@ virDomainManagedSaveRemove(virDomainPtr dom, unsign= ed int flags) /** * virDomainManagedSaveGetXMLDesc: * @domain: a domain object - * @flags: bitwise-OR of subset of virDomainXMLFlags + * @flags: bitwise-OR of supported virDomainSaveImageXMLFlags * * This method will extract the XML description of the managed save * state file of a domain. * * No security-sensitive data will be included unless @flags contains - * VIR_DOMAIN_XML_SECURE; this flag is rejected on read-only - * connections. For this API, @flags should not contain either - * VIR_DOMAIN_XML_INACTIVE or VIR_DOMAIN_XML_UPDATE_CPU. + * VIR_DOMAIN_SAVE_IMAGE_XML_SECURE; this flag is rejected on read-only + * connections. * * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of * error. The caller must free() the returned value. diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 2458343a86..54750dc253 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -7082,7 +7082,7 @@ qemuDomainSaveImageGetXMLDesc(virConnectPtr conn, con= st char *path, virQEMUSaveDataPtr data =3D NULL; /* We only take subset of virDomainDefFormat flags. */ - virCheckFlags(VIR_DOMAIN_XML_SECURE, NULL); + virCheckFlags(VIR_DOMAIN_SAVE_IMAGE_XML_SECURE, NULL); fd =3D qemuDomainSaveImageOpen(driver, path, &def, &data, false, NULL, false, false); @@ -7187,7 +7187,7 @@ qemuDomainManagedSaveGetXMLDesc(virDomainPtr dom, uns= igned int flags) virQEMUSaveDataPtr data =3D NULL; /* We only take subset of virDomainDefFormat flags. */ - virCheckFlags(VIR_DOMAIN_XML_SECURE, NULL); + virCheckFlags(VIR_DOMAIN_SAVE_IMAGE_XML_SECURE, NULL); if (!(vm =3D qemuDomObjFromDomain(dom))) return ret; diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x index b9d26b1849..42a87d418b 100644 --- a/src/remote/remote_protocol.x +++ b/src/remote/remote_protocol.x @@ -5235,7 +5235,7 @@ enum remote_procedure { * @generate: both * @priority: high * @acl: domain:read - * @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE + * @acl: domain:read_secure:VIR_DOMAIN_SAVE_IMAGE_XML_SECURE */ REMOTE_PROC_DOMAIN_SAVE_IMAGE_GET_XML_DESC =3D 235, @@ -6230,7 +6230,7 @@ enum remote_procedure { /** * @generate: both * @acl: domain:read - * @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE + * @acl: domain:read_secure:VIR_DOMAIN_SAVE_IMAGE_XML_SECURE */ REMOTE_PROC_DOMAIN_MANAGED_SAVE_GET_XML_DESC =3D 388, --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sat May 4 09:32:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1550179795914842.212025071548; Thu, 14 Feb 2019 13:29:55 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id E7D558AE5C; Thu, 14 Feb 2019 21:29:52 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id AAB695D707; Thu, 14 Feb 2019 21:29:52 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 586123F609; Thu, 14 Feb 2019 21:29:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x1ELTP78003102 for ; Thu, 14 Feb 2019 16:29:25 -0500 Received: by smtp.corp.redhat.com (Postfix) id 5D3601019601; Thu, 14 Feb 2019 21:29:25 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-127.phx2.redhat.com [10.3.116.127]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1800010027DA; Thu, 14 Feb 2019 21:29:25 +0000 (UTC) From: Eric Blake To: libvir-list@redhat.com Date: Thu, 14 Feb 2019 15:29:16 -0600 Message-Id: <20190214212916.25180-6-eblake@redhat.com> In-Reply-To: <20190214212916.25180-1-eblake@redhat.com> References: <20190214212916.25180-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 5/5] snapshot: Define explicit flags for snapshot xml X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Thu, 14 Feb 2019 21:29:54 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Commit f609cb85 (0.9.5) introduced virDomainSnapshotGetXMLDesc()'s use of @flags as a subset of virDomainXMLFlags, documenting that 2 of the 3 flags defined at the time would never be valid. Later, commit 28f8dfdc (1.0.0) introduced a new flag, VIR_DOMAIN_XML_MIGRATABLE, but did not adjust the snapshot documentation to declare it as invalid. However, since the flag is not accepted as valid by any of the drivers (remote is just passthrough; esx and vbox don't support flags; qemu, test, and vz only support VIR_DOMAIN_XML_SECURE), and it is unlikely that the domain state saved off during a snapshot creation needs to be migration-friendly (as the snapshot is not the source of a migration), it is easier to just define an explicit set of supported flags directly related to the snapshot API rather than trying to borrow from domain API, and risking confusion if even more domain flags are added later (in fact, I have an upcoming patch that plans to add a new flag to virDomainGetXMLDesc that makes no sense for snapshots). There is no API or ABI impact (since we purposefully used unsigned int rather than an enum type in public API, and since the new flag name carries the same value as the reused name). Signed-off-by: Eric Blake Reviewed-by: John Ferlan --- include/libvirt/libvirt-domain-snapshot.h | 4 ++++ src/libvirt-domain-snapshot.c | 9 ++++----- src/qemu/qemu_driver.c | 2 +- src/remote/remote_protocol.x | 2 +- src/test/test_driver.c | 2 +- src/vz/vz_driver.c | 2 +- 6 files changed, 12 insertions(+), 9 deletions(-) diff --git a/include/libvirt/libvirt-domain-snapshot.h b/include/libvirt/li= bvirt-domain-snapshot.h index 0c9985f7f4..2532b99c58 100644 --- a/include/libvirt/libvirt-domain-snapshot.h +++ b/include/libvirt/libvirt-domain-snapshot.h @@ -78,6 +78,10 @@ virDomainSnapshotPtr virDomainSnapshotCreateXML(virDomai= nPtr domain, const char *xmlDesc, unsigned int flags); +typedef enum { + VIR_DOMAIN_SNAPSHOT_XML_SECURE =3D VIR_DOMAIN_XML_SECURE, /* d= ump security sensitive information too */ +} virDomainSnapshotXMLFlags; + /* Dump the XML of a snapshot */ char *virDomainSnapshotGetXMLDesc(virDomainSnapshotPtr snapshot, unsigned int flags); diff --git a/src/libvirt-domain-snapshot.c b/src/libvirt-domain-snapshot.c index 100326a5e7..a724c66421 100644 --- a/src/libvirt-domain-snapshot.c +++ b/src/libvirt-domain-snapshot.c @@ -244,14 +244,13 @@ virDomainSnapshotCreateXML(virDomainPtr domain, /** * virDomainSnapshotGetXMLDesc: * @snapshot: a domain snapshot object - * @flags: bitwise-OR of subset of virDomainXMLFlags + * @flags: bitwise-OR of supported virDomainSnapshotXMLFlags * * Provide an XML description of the domain snapshot. * * No security-sensitive data will be included unless @flags contains - * VIR_DOMAIN_XML_SECURE; this flag is rejected on read-only - * connections. For this API, @flags should not contain either - * VIR_DOMAIN_XML_INACTIVE or VIR_DOMAIN_XML_UPDATE_CPU. + * VIR_DOMAIN_SNAPSHOT_XML_SECURE; this flag is rejected on read-only + * connections. * * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of e= rror. * the caller must free() the returned value. @@ -268,7 +267,7 @@ virDomainSnapshotGetXMLDesc(virDomainSnapshotPtr snapsh= ot, virCheckDomainSnapshotReturn(snapshot, NULL); conn =3D snapshot->domain->conn; - if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_XML_SECURE))= { + if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_SNAPSHOT_XML= _SECURE)) { virReportError(VIR_ERR_OPERATION_DENIED, "%s", _("virDomainSnapshotGetXMLDesc with secure flag")); goto error; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 54750dc253..7cca4b72fb 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -16252,7 +16252,7 @@ qemuDomainSnapshotGetXMLDesc(virDomainSnapshotPtr s= napshot, virDomainSnapshotObjPtr snap =3D NULL; char uuidstr[VIR_UUID_STRING_BUFLEN]; - virCheckFlags(VIR_DOMAIN_XML_SECURE, NULL); + virCheckFlags(VIR_DOMAIN_SNAPSHOT_XML_SECURE, NULL); if (!(vm =3D qemuDomObjFromSnapshot(snapshot))) return NULL; diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x index 42a87d418b..60cc40e04a 100644 --- a/src/remote/remote_protocol.x +++ b/src/remote/remote_protocol.x @@ -4902,7 +4902,7 @@ enum remote_procedure { * @generate: both * @priority: high * @acl: domain:read - * @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE + * @acl: domain:read_secure:VIR_DOMAIN_SNAPSHOT_XML_SECURE */ REMOTE_PROC_DOMAIN_SNAPSHOT_GET_XML_DESC =3D 186, diff --git a/src/test/test_driver.c b/src/test/test_driver.c index cde9e3d417..ce0df1f8e3 100644 --- a/src/test/test_driver.c +++ b/src/test/test_driver.c @@ -6197,7 +6197,7 @@ testDomainSnapshotGetXMLDesc(virDomainSnapshotPtr sna= pshot, char uuidstr[VIR_UUID_STRING_BUFLEN]; testDriverPtr privconn =3D snapshot->domain->conn->privateData; - virCheckFlags(VIR_DOMAIN_XML_SECURE, NULL); + virCheckFlags(VIR_DOMAIN_SNAPSHOT_XML_SECURE, NULL); if (!(vm =3D testDomObjFromSnapshot(snapshot))) return NULL; diff --git a/src/vz/vz_driver.c b/src/vz/vz_driver.c index f99ade82b6..2d2eaf88a6 100644 --- a/src/vz/vz_driver.c +++ b/src/vz/vz_driver.c @@ -2273,7 +2273,7 @@ vzDomainSnapshotGetXMLDesc(virDomainSnapshotPtr snaps= hot, unsigned int flags) virDomainSnapshotObjListPtr snapshots =3D NULL; vzConnPtr privconn =3D snapshot->domain->conn->privateData; - virCheckFlags(VIR_DOMAIN_XML_SECURE, NULL); + virCheckFlags(VIR_DOMAIN_SNAPSHOT_XML_SECURE, NULL); if (!(dom =3D vzDomObjFromDomain(snapshot->domain))) return NULL; --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list