From nobody Sun Feb 8 01:34:13 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1607466073; cv=none; d=zohomail.com; s=zohoarc; b=BhekEXN8zozr6K+hAtuKRlrEsuyrZ8X/yLwWE3E68NaqXUIGU/AR1/PWzeEoU+QhXr3XrzhP3TCU0UsHQZXikBznPhaQur23F7QdLs3cA0PZMEsBbY0xCTzvD95AIuX3D2hKVgdt7t1VMdRDPO4UPQIRbz8zQTj1BzLKz0zX1/c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1607466073; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=JqUlLotrGrOw13VZ9EeHrVj+QQBWzqirp3m4WK81/eo=; b=hvT6fIn5WaHofoleEC66J56PYHQtHEX0bLX1mVWo9fVRXCDwvluNXjsFkqI0UGK8weoiuKIgJjH7WdBTwGerPq85ffLp7HO72q2ioMszqpnEbDrepJZEaui7BjhFeFg6XS/JQUuKl4dkM+7vzaG2LU6pK5cioDufGxD/p1GiEoI= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 1607466073650677.1495178427517; Tue, 8 Dec 2020 14:21:13 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-382-pJmlOpuAN92O981DITqr9w-1; Tue, 08 Dec 2020 17:21:10 -0500 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D265E803620; Tue, 8 Dec 2020 22:21:04 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id AFADC5C238; Tue, 8 Dec 2020 22:21:04 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 797134E58F; Tue, 8 Dec 2020 22:21:04 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 0B8ML2Cg017275 for ; Tue, 8 Dec 2020 17:21:02 -0500 Received: by smtp.corp.redhat.com (Postfix) id B6E5CA9FB9; Tue, 8 Dec 2020 22:21:02 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B1117A9FD5 for ; Tue, 8 Dec 2020 22:21:02 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 98B47800969 for ; Tue, 8 Dec 2020 22:21:02 +0000 (UTC) Received: from mail-qt1-f193.google.com (mail-qt1-f193.google.com [209.85.160.193]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-479-fbE6yL0CPlWavGC-OjncSA-1; Tue, 08 Dec 2020 17:21:00 -0500 Received: by mail-qt1-f193.google.com with SMTP id 7so13182403qtp.1 for ; Tue, 08 Dec 2020 14:21:00 -0800 (PST) Received: from rekt.redhat.com ([2804:431:c7c7:c1a:69c1:2b22:e880:fc49]) by smtp.gmail.com with ESMTPSA id c14sm75057qtg.85.2020.12.08.14.20.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Dec 2020 14:20:59 -0800 (PST) X-MC-Unique: pJmlOpuAN92O981DITqr9w-1 X-MC-Unique: fbE6yL0CPlWavGC-OjncSA-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=JqUlLotrGrOw13VZ9EeHrVj+QQBWzqirp3m4WK81/eo=; b=dZWAubSDUE6kjY5hIOTNEli/0fQGFakY5gEL4iHpJ9sBmTKkHhWKvdCsy7znBRAuVC 9lPG3zeqQQ4UcnQGOS6QBcBTNUps+nWi/MoBxkkf3Wp3TAKQK/uFuZJUcKvVhuX8Li/N jES0r1wJZRThyT8ZdO6m1TeqXFYykP/u7o1loSdzWsjukP4pVwpgx/vxyEE/RVGp/jgs c2Tqvb4xMsDXIZrr7QDM6S7gKBV+31GMEwcIBQrfcMSP/9cmw7PhBLcKlniotKo2v4hx k/Urh7HToPaCPFxY6o2a8j+Tk8/egAkc/OlW00i3rpE0hU0XAW1wHNlCx2OucXW2hvyx OfOQ== X-Gm-Message-State: AOAM5333dTmTAlUfusEQs7F/cd6PcBZSZdnowY9ep76pZ7e5hZhL4YnG XkMR4jTjm6c3WP9dZ+ocnq/jDVADpz8= X-Google-Smtp-Source: ABdhPJzS54R+4FGqlULYdzZHKwEYeeF9952/UBHGD/t+mX4FH/W/wRr5u/zODbV7urZBiIosGlBpNQ== X-Received: by 2002:aed:3064:: with SMTP id 91mr196551qte.151.1607466059758; Tue, 08 Dec 2020 14:20:59 -0800 (PST) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 05/14] domain_conf: move virDomainDiskDefValidate() to domain_validate.c Date: Tue, 8 Dec 2020 19:20:21 -0300 Message-Id: <20201208222030.1302229-6-danielhb413@gmail.com> In-Reply-To: <20201208222030.1302229-1-danielhb413@gmail.com> References: <20201208222030.1302229-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Next patch will add more validations to the function. Let's move it beforehand to domain_validate.c. virSecurityDeviceLabelDefValidateXML() is still used inside domain_conf.c, so make it public for now until its current caller (virDomainChrSourceDefValidate()) is also moved to domain_validate.c. Signed-off-by: Daniel Henrique Barboza --- src/conf/domain_conf.c | 152 ------------------------------------ src/conf/domain_validate.c | 153 +++++++++++++++++++++++++++++++++++++ src/conf/domain_validate.h | 6 ++ 3 files changed, 159 insertions(+), 152 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index db0ca975fe..5aeb75ce59 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -6043,158 +6043,6 @@ virDomainDefPostParse(virDomainDefPtr def, } =20 =20 -/** - * virDomainDiskAddressDiskBusCompatibility: - * @bus: disk bus type - * @addressType: disk address type - * - * Check if the specified disk address type @addressType is compatible - * with the specified disk bus type @bus. This function checks - * compatibility with the bus types SATA, SCSI, FDC, and IDE only, - * because only these are handled in common code. - * - * Returns true if compatible or can't be decided in common code, - * false if known to be not compatible. - */ -static bool -virDomainDiskAddressDiskBusCompatibility(virDomainDiskBus bus, - virDomainDeviceAddressType addres= sType) -{ - if (addressType =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) - return true; - - switch (bus) { - case VIR_DOMAIN_DISK_BUS_IDE: - case VIR_DOMAIN_DISK_BUS_FDC: - case VIR_DOMAIN_DISK_BUS_SCSI: - case VIR_DOMAIN_DISK_BUS_SATA: - return addressType =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DRIVE; - case VIR_DOMAIN_DISK_BUS_VIRTIO: - case VIR_DOMAIN_DISK_BUS_XEN: - case VIR_DOMAIN_DISK_BUS_USB: - case VIR_DOMAIN_DISK_BUS_UML: - case VIR_DOMAIN_DISK_BUS_SD: - case VIR_DOMAIN_DISK_BUS_LAST: - return true; - } - - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("unexpected bus type '%d'"), - bus); - return true; -} - - -static int -virSecurityDeviceLabelDefValidateXML(virSecurityDeviceLabelDefPtr *seclabe= ls, - size_t nseclabels, - virSecurityLabelDefPtr *vmSeclabels, - size_t nvmSeclabels) -{ - virSecurityDeviceLabelDefPtr seclabel; - size_t i; - size_t j; - - for (i =3D 0; i < nseclabels; i++) { - seclabel =3D seclabels[i]; - - /* find the security label that it's being overridden */ - for (j =3D 0; j < nvmSeclabels; j++) { - if (STRNEQ_NULLABLE(vmSeclabels[j]->model, seclabel->model)) - continue; - - if (!vmSeclabels[j]->relabel) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("label overrides require relabeling to be= " - "enabled at the domain level")); - return -1; - } - } - } - - return 0; -} - - -static int -virDomainDiskDefValidate(const virDomainDef *def, - const virDomainDiskDef *disk) -{ - virStorageSourcePtr next; - - /* Validate LUN configuration */ - if (disk->device =3D=3D VIR_DOMAIN_DISK_DEVICE_LUN) { - /* volumes haven't been translated at this point, so accept them */ - if (!(disk->src->type =3D=3D VIR_STORAGE_TYPE_BLOCK || - disk->src->type =3D=3D VIR_STORAGE_TYPE_VOLUME || - (disk->src->type =3D=3D VIR_STORAGE_TYPE_NETWORK && - disk->src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_ISCSI))= ) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("disk '%s' improperly configured for a " - "device=3D'lun'"), disk->dst); - return -1; - } - } - - if (disk->src->pr && - disk->device !=3D VIR_DOMAIN_DISK_DEVICE_LUN) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _(" allowed only for lun devices")); - return -1; - } - - /* Reject disks with a bus type that is not compatible with the - * given address type. The function considers only buses that are - * handled in common code. For other bus types it's not possible - * to decide compatibility in common code. - */ - if (!virDomainDiskAddressDiskBusCompatibility(disk->bus, disk->info.ty= pe)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("Invalid address type '%s' for the disk '%s' with= the bus type '%s'"), - virDomainDeviceAddressTypeToString(disk->info.type), - disk->dst, - virDomainDiskBusTypeToString(disk->bus)); - return -1; - } - - if (disk->queues && disk->bus !=3D VIR_DOMAIN_DISK_BUS_VIRTIO) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("queues attribute in disk driver element is only " - "supported by virtio-blk")); - return -1; - } - - if (disk->bus !=3D VIR_DOMAIN_DISK_BUS_VIRTIO && - (disk->model =3D=3D VIR_DOMAIN_DISK_MODEL_VIRTIO || - disk->model =3D=3D VIR_DOMAIN_DISK_MODEL_VIRTIO_TRANSITIONAL || - disk->model =3D=3D VIR_DOMAIN_DISK_MODEL_VIRTIO_NON_TRANSITIONAL)= ) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("disk model '%s' not supported for bus '%s'"), - virDomainDiskModelTypeToString(disk->model), - virDomainDiskBusTypeToString(disk->bus)); - return -1; - } - - if (disk->src->type =3D=3D VIR_STORAGE_TYPE_NVME) { - /* NVMe namespaces start from 1 */ - if (disk->src->nvme->namespc =3D=3D 0) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("NVMe namespace can't be zero")); - return -1; - } - } - - for (next =3D disk->src; next; next =3D next->backingStore) { - if (virSecurityDeviceLabelDefValidateXML(next->seclabels, - next->nseclabels, - def->seclabels, - def->nseclabels) < 0) - return -1; - } - - return 0; -} - bool virDomainDefHasUSB(const virDomainDef *def) { diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 234eb72f11..da36bef31a 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -150,3 +150,156 @@ virDomainVideoDefValidate(const virDomainVideoDef *vi= deo, =20 return 0; } + + +/** + * virDomainDiskAddressDiskBusCompatibility: + * @bus: disk bus type + * @addressType: disk address type + * + * Check if the specified disk address type @addressType is compatible + * with the specified disk bus type @bus. This function checks + * compatibility with the bus types SATA, SCSI, FDC, and IDE only, + * because only these are handled in common code. + * + * Returns true if compatible or can't be decided in common code, + * false if known to be not compatible. + */ +static bool +virDomainDiskAddressDiskBusCompatibility(virDomainDiskBus bus, + virDomainDeviceAddressType addres= sType) +{ + if (addressType =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) + return true; + + switch (bus) { + case VIR_DOMAIN_DISK_BUS_IDE: + case VIR_DOMAIN_DISK_BUS_FDC: + case VIR_DOMAIN_DISK_BUS_SCSI: + case VIR_DOMAIN_DISK_BUS_SATA: + return addressType =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DRIVE; + case VIR_DOMAIN_DISK_BUS_VIRTIO: + case VIR_DOMAIN_DISK_BUS_XEN: + case VIR_DOMAIN_DISK_BUS_USB: + case VIR_DOMAIN_DISK_BUS_UML: + case VIR_DOMAIN_DISK_BUS_SD: + case VIR_DOMAIN_DISK_BUS_LAST: + return true; + } + + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("unexpected bus type '%d'"), + bus); + return true; +} + + +int +virSecurityDeviceLabelDefValidateXML(virSecurityDeviceLabelDefPtr *seclabe= ls, + size_t nseclabels, + virSecurityLabelDefPtr *vmSeclabels, + size_t nvmSeclabels) +{ + virSecurityDeviceLabelDefPtr seclabel; + size_t i; + size_t j; + + for (i =3D 0; i < nseclabels; i++) { + seclabel =3D seclabels[i]; + + /* find the security label that it's being overridden */ + for (j =3D 0; j < nvmSeclabels; j++) { + if (STRNEQ_NULLABLE(vmSeclabels[j]->model, seclabel->model)) + continue; + + if (!vmSeclabels[j]->relabel) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("label overrides require relabeling to be= " + "enabled at the domain level")); + return -1; + } + } + } + + return 0; +} + + +int +virDomainDiskDefValidate(const virDomainDef *def, + const virDomainDiskDef *disk) +{ + virStorageSourcePtr next; + + /* Validate LUN configuration */ + if (disk->device =3D=3D VIR_DOMAIN_DISK_DEVICE_LUN) { + /* volumes haven't been translated at this point, so accept them */ + if (!(disk->src->type =3D=3D VIR_STORAGE_TYPE_BLOCK || + disk->src->type =3D=3D VIR_STORAGE_TYPE_VOLUME || + (disk->src->type =3D=3D VIR_STORAGE_TYPE_NETWORK && + disk->src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_ISCSI))= ) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("disk '%s' improperly configured for a " + "device=3D'lun'"), disk->dst); + return -1; + } + } + + if (disk->src->pr && + disk->device !=3D VIR_DOMAIN_DISK_DEVICE_LUN) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _(" allowed only for lun devices")); + return -1; + } + + /* Reject disks with a bus type that is not compatible with the + * given address type. The function considers only buses that are + * handled in common code. For other bus types it's not possible + * to decide compatibility in common code. + */ + if (!virDomainDiskAddressDiskBusCompatibility(disk->bus, disk->info.ty= pe)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Invalid address type '%s' for the disk '%s' with= the bus type '%s'"), + virDomainDeviceAddressTypeToString(disk->info.type), + disk->dst, + virDomainDiskBusTypeToString(disk->bus)); + return -1; + } + + if (disk->queues && disk->bus !=3D VIR_DOMAIN_DISK_BUS_VIRTIO) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("queues attribute in disk driver element is only " + "supported by virtio-blk")); + return -1; + } + + if (disk->bus !=3D VIR_DOMAIN_DISK_BUS_VIRTIO && + (disk->model =3D=3D VIR_DOMAIN_DISK_MODEL_VIRTIO || + disk->model =3D=3D VIR_DOMAIN_DISK_MODEL_VIRTIO_TRANSITIONAL || + disk->model =3D=3D VIR_DOMAIN_DISK_MODEL_VIRTIO_NON_TRANSITIONAL)= ) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("disk model '%s' not supported for bus '%s'"), + virDomainDiskModelTypeToString(disk->model), + virDomainDiskBusTypeToString(disk->bus)); + return -1; + } + + if (disk->src->type =3D=3D VIR_STORAGE_TYPE_NVME) { + /* NVMe namespaces start from 1 */ + if (disk->src->nvme->namespc =3D=3D 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("NVMe namespace can't be zero")); + return -1; + } + } + + for (next =3D disk->src; next; next =3D next->backingStore) { + if (virSecurityDeviceLabelDefValidateXML(next->seclabels, + next->nseclabels, + def->seclabels, + def->nseclabels) < 0) + return -1; + } + + return 0; +} diff --git a/src/conf/domain_validate.h b/src/conf/domain_validate.h index ed170391f8..fe7c752e8c 100644 --- a/src/conf/domain_validate.h +++ b/src/conf/domain_validate.h @@ -28,3 +28,9 @@ int virDomainDefBootValidate(const virDomainDef *def); int virDomainDefVideoValidate(const virDomainDef *def); int virDomainVideoDefValidate(const virDomainVideoDef *video, const virDomainDef *def); +int virSecurityDeviceLabelDefValidateXML(virSecurityDeviceLabelDefPtr *sec= labels, + size_t nseclabels, + virSecurityLabelDefPtr *vmSeclabe= ls, + size_t nvmSeclabels); +int virDomainDiskDefValidate(const virDomainDef *def, + const virDomainDiskDef *disk); --=20 2.26.2