From nobody Sun Feb 8 18:49:24 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1575469310; cv=none; d=zohomail.com; s=zohoarc; b=CcsI/ZevXXAF6UdY7UnNtAkOBa1OJacQwpab/RnkS9iResRokbaXrBJ/vNDPv2sgbMsgL9rhyVFIw118TrZFuj78v5HGKMIPVW+rZJ5OT5u8Y699dQGEhmYhZasjiaGjpuc/SEJADMDZTQ7ULB63gTuSDIc9tUZDtMR3Q6Rvetk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1575469310; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=+4KiFPeW+p9NMPe3AQl24sgm29Rd+fgvyGI34EZ9/sg=; b=dhKmlk1gb0XypLMyBFHZDYKF5uKfcwSJyW/RB0Zg88ltRsLhr5mcIBmxuhFO7uMwLNiYBRbNKrKQ/N73u6yAtZt8Nc3fM62rlfewI8q0uhkwofGGaFkjZSXb8SVYWT/KblEipeQqBYfzkW/cO9N/NbTXa7DRQFIHoI0sFNcpH+c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1575469310970254.7605652442221; Wed, 4 Dec 2019 06:21:50 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-336-nD_0-N0HO1Og7AmkPwQ41w-1; Wed, 04 Dec 2019 09:21:47 -0500 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id E18858D093F; Wed, 4 Dec 2019 14:21:38 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B78ED19C6A; Wed, 4 Dec 2019 14:21:38 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 1FB685BC19; Wed, 4 Dec 2019 14:21:38 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id xB4ELVct008157 for ; Wed, 4 Dec 2019 09:21:31 -0500 Received: by smtp.corp.redhat.com (Postfix) id 4E08D608F7; Wed, 4 Dec 2019 14:21:31 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-55.ams2.redhat.com [10.36.112.55]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4DC7E1D1; Wed, 4 Dec 2019 14:21:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1575469309; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=+4KiFPeW+p9NMPe3AQl24sgm29Rd+fgvyGI34EZ9/sg=; b=QsDJrZPFrp75b9YsN0ct8PlnZyOXZ7KOr3AJMjB2PrBsi2Ku+ADgMf9WVVEsBT6ueurpB3 uAy4xjXxvLQ+jrJ/gQKiZcXWobpTkpCntcWs1JAAZqR+nUASN/sbtXhS5fKqUd1LLEOI4E 8hC8mHePczakMmTZxF/aZjhnZw2v3/I= From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Wed, 4 Dec 2019 14:20:53 +0000 Message-Id: <20191204142113.2961028-11-berrange@redhat.com> In-Reply-To: <20191204142113.2961028-1-berrange@redhat.com> References: <20191204142113.2961028-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 10/30] conf: pass default sec model in parser config X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-MC-Unique: nD_0-N0HO1Og7AmkPwQ41w-1 X-Mimecast-Spam-Score: 0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Instead of using the virCapsPtr to get the default security model, pass this in via the parser config. Signed-off-by: Daniel P. Berrang=C3=A9 --- src/conf/domain_conf.c | 14 +++++++------- src/conf/domain_conf.h | 1 + src/qemu/qemu_conf.c | 4 +++- src/qemu/qemu_conf.h | 3 ++- src/qemu/qemu_driver.c | 11 ++++++++++- tests/testutilsqemu.c | 2 +- 6 files changed, 24 insertions(+), 11 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index f037702ac2..8acc91de74 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -8911,13 +8911,12 @@ virSecurityLabelDefParseXML(xmlXPathContextPtr ctxt, static int virSecurityLabelDefsParseXML(virDomainDefPtr def, xmlXPathContextPtr ctxt, - virCapsPtr caps, + virDomainXMLOptionPtr xmlopt, unsigned int flags) { VIR_XPATH_NODE_AUTORESTORE(ctxt); size_t i =3D 0, j; int n; - virCapsHostPtr host =3D &caps->host; g_autofree xmlNodePtr *list =3D NULL; =20 /* Allocate a security labels based on XML */ @@ -8960,15 +8959,16 @@ virSecurityLabelDefsParseXML(virDomainDefPtr def, */ if (def->nseclabels =3D=3D 1 && !def->seclabels[0]->model && - host->nsecModels > 0) { + xmlopt !=3D NULL && + xmlopt->config.defSecModel !=3D NULL) { if (def->seclabels[0]->type =3D=3D VIR_DOMAIN_SECLABEL_NONE || (def->seclabels[0]->type =3D=3D VIR_DOMAIN_SECLABEL_DYNAMIC && !def->seclabels[0]->baselabel && (flags & VIR_DOMAIN_DEF_PARSE_INACTIVE))) { /* Copy model from host. */ VIR_DEBUG("Found seclabel without a model, using '%s'", - host->secModels[0].model); - def->seclabels[0]->model =3D g_strdup(host->secModels[0].model= ); + xmlopt->config.defSecModel); + def->seclabels[0]->model =3D g_strdup(xmlopt->config.defSecMod= el); =20 if (STREQ(def->seclabels[0]->model, "none") && flags & VIR_DOMAIN_DEF_PARSE_INACTIVE) { @@ -19733,7 +19733,7 @@ virDomainMemorytuneDefParse(virDomainDefPtr def, static virDomainDefPtr virDomainDefParseXML(xmlDocPtr xml, xmlXPathContextPtr ctxt, - virCapsPtr caps, + virCapsPtr caps G_GNUC_UNUSED, virDomainXMLOptionPtr xmlopt, unsigned int flags) { @@ -19841,7 +19841,7 @@ virDomainDefParseXML(xmlDocPtr xml, /* analysis of security label, done early even though we format it * late, so devices can refer to this for defaults */ if (!(flags & VIR_DOMAIN_DEF_PARSE_SKIP_SECLABEL)) { - if (virSecurityLabelDefsParseXML(def, ctxt, caps, flags) =3D=3D -1) + if (virSecurityLabelDefsParseXML(def, ctxt, xmlopt, flags) =3D=3D = -1) goto error; } =20 diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index e85d3bd5b5..af57e288e9 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2707,6 +2707,7 @@ struct _virDomainDefParserConfig { unsigned char macPrefix[VIR_MAC_PREFIX_BUFLEN]; virArch defArch; const char *netPrefix; + const char *defSecModel; }; =20 typedef void *(*virDomainXMLPrivateDataAllocFunc)(void *); diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 53658c80e8..053bcc7e02 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -1191,9 +1191,11 @@ virQEMUDriverIsPrivileged(virQEMUDriverPtr driver) } =20 virDomainXMLOptionPtr -virQEMUDriverCreateXMLConf(virQEMUDriverPtr driver) +virQEMUDriverCreateXMLConf(virQEMUDriverPtr driver, + const char *defsecmodel) { virQEMUDriverDomainDefParserConfig.priv =3D driver; + virQEMUDriverDomainDefParserConfig.defSecModel =3D defsecmodel; return virDomainXMLOptionNew(&virQEMUDriverDomainDefParserConfig, &virQEMUDriverPrivateDataCallbacks, &virQEMUDriverDomainXMLNamespace, diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index 7c56226b8c..8b6c2a95d4 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -366,7 +366,8 @@ int qemuRemoveSharedDisk(virQEMUDriverPtr driver, int qemuSetUnprivSGIO(virDomainDeviceDefPtr dev); =20 int qemuDriverAllocateID(virQEMUDriverPtr driver); -virDomainXMLOptionPtr virQEMUDriverCreateXMLConf(virQEMUDriverPtr driver); +virDomainXMLOptionPtr virQEMUDriverCreateXMLConf(virQEMUDriverPtr driver, + const char *defsecmodel); =20 int qemuTranslateSnapshotDiskSourcePool(virDomainSnapshotDiskDefPtr def); =20 diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 891ca28d94..93a92dad36 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -656,6 +656,8 @@ qemuStateInitialize(bool privileged, g_autofree char *memoryBackingPath =3D NULL; bool autostart =3D true; size_t i; + const char *defsecmodel =3D NULL; + g_autofree virSecurityManagerPtr *sec_managers =3D NULL; =20 if (VIR_ALLOC(qemu_driver) < 0) return VIR_DRV_STATE_INIT_ERROR; @@ -916,7 +918,14 @@ qemuStateInitialize(bool privileged, if ((qemu_driver->caps =3D virQEMUDriverCreateCapabilities(qemu_driver= )) =3D=3D NULL) goto error; =20 - if (!(qemu_driver->xmlopt =3D virQEMUDriverCreateXMLConf(qemu_driver))) + if (!(sec_managers =3D qemuSecurityGetNested(qemu_driver->securityMana= ger))) + goto error; + + if (sec_managers[0] !=3D NULL) + defsecmodel =3D qemuSecurityGetModel(sec_managers[0]); + + if (!(qemu_driver->xmlopt =3D virQEMUDriverCreateXMLConf(qemu_driver, + defsecmodel))) goto error; =20 /* If hugetlbfs is present, then we need to create a sub-directory wit= hin diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c index 0ca690a1ed..c24b3098a5 100644 --- a/tests/testutilsqemu.c +++ b/tests/testutilsqemu.c @@ -402,7 +402,7 @@ int qemuTestDriverInit(virQEMUDriver *driver) if (!driver->qemuCapsCache) goto error; =20 - driver->xmlopt =3D virQEMUDriverCreateXMLConf(driver); + driver->xmlopt =3D virQEMUDriverCreateXMLConf(driver, "none"); if (!driver->xmlopt) goto error; =20 --=20 2.23.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list