From: Daniel P. Berrangé
To: devel@lists.libvirt.org
CC: Victor Toso
Subject: [PATCH 1/4] conf: introduce support for multiple ACPI tables
Date: Tue, 18 Feb 2025 18:12:50 +0000
Message-ID: <20250218181253.1632013-2-berrange@redhat.com>
In-Reply-To: <20250218181253.1632013-1-berrange@redhat.com>
References: <20250218181253.1632013-1-berrange@redhat.com>
List-Id: Development discussions about the libvirt library & tools

Currently we parse ...path...
into a flat 'char *slic_table' field which is rather an anti-pattern as it has special cased a single attribute type. This rewrites the internal design to permit multiple table types to be parsed, should we add more in future. Each type is permitted to only appear once. The Xen code is fairly dubious in its use of 'slic_table' to hold Xen's 'acpi_firmware' config option, as IIUC Xen's config is not limited to accepting a single table per file. It takes a concatenation of all data and ought to be represented as such. This is left for a future contributor to solve. Signed-off-by: Daniel P. Berrang=C3=A9 --- src/conf/domain_conf.c | 87 +++++++++++++++++++++++++-------- src/conf/domain_conf.h | 21 +++++++- src/libxl/libxl_conf.c | 8 ++- src/libxl/xen_xl.c | 22 +++++++-- src/qemu/qemu_command.c | 13 +++-- src/security/security_dac.c | 18 ++++--- src/security/security_selinux.c | 16 +++--- src/security/virt-aa-helper.c | 5 +- 8 files changed, 143 insertions(+), 47 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 49555efc56..04fb893587 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1457,6 +1457,11 @@ VIR_ENUM_IMPL(virDomainOsDefFirmwareFeature, "secure-boot", ); =20 +VIR_ENUM_IMPL(virDomainOsACPITable, + VIR_DOMAIN_OS_ACPI_TABLE_TYPE_LAST, + "slic", +); + VIR_ENUM_IMPL(virDomainCFPC, VIR_DOMAIN_CFPC_LAST, "none", @@ -3899,6 +3904,15 @@ virDomainSecDefFree(virDomainSecDef *def) g_free(def); } =20 +void virDomainOSACPITableDefFree(virDomainOSACPITableDef *def) +{ + if (!def) + return; + g_free(def->path); + g_free(def); +} + + static void virDomainOSDefClear(virDomainOSDef *os) { 
@@ -3924,7 +3938,9 @@ virDomainOSDefClear(virDomainOSDef *os) g_free(os->cmdline); g_free(os->dtb); g_free(os->root); - g_free(os->slic_table); + for (i =3D 0; i < os->nacpiTables; i++) + virDomainOSACPITableDefFree(os->acpiTables[i]); + g_free(os->acpiTables); virDomainLoaderDefFree(os->loader); g_free(os->bootloader); g_free(os->bootloaderArgs); 
@@ -17873,40 +17889,64 @@ virDomainDefParseBootAcpiOptions(virDomainDef *de= f, int n; g_autofree xmlNodePtr *nodes =3D NULL; g_autofree char *tmp =3D NULL; + size_t ntables =3D 0; + virDomainOSACPITableDef **tables =3D NULL; + size_t i; + size_t j; =20 if ((n =3D virXPathNodeSet("./os/acpi/table", ctxt, &nodes)) < 0) return -1; =20 - if (n > 1) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("Only one acpi table is supported")); - return -1; - } - - if (n =3D=3D 1) { - tmp =3D virXMLPropString(nodes[0], "type"); + for (i =3D 0; i < n; i++) { + int type; + tmp =3D virXMLPropString(nodes[i], "type"); =20 if (!tmp) { virReportError(VIR_ERR_XML_ERROR, "%s", _("Missing acpi table type")); - return -1; + goto error; } =20 - if (STREQ_NULLABLE(tmp, "slic")) { - VIR_FREE(tmp); - if (!(tmp =3D virXMLNodeContentString(nodes[0]))) - return -1; - - def->os.slic_table =3D virFileSanitizePath(tmp); - } else { + if ((type =3D virDomainOsACPITableTypeFromString(tmp)) < 0) { virReportError(VIR_ERR_XML_ERROR, _("Unknown acpi table type: %1$s"), tmp); - return -1; + goto error; } + + for (j =3D 0; j < i; j++) { + if (tables[j]->type =3D=3D type) { + virReportError(VIR_ERR_XML_ERROR, + _("ACPI table type '%1$s' may only appear o= nce"), + tmp); + goto error; + } + } + + VIR_FREE(tmp); + if (!(tmp =3D virXMLNodeContentString(nodes[i]))) + goto error; + + tables =3D g_renew(virDomainOSACPITableDef *, tables, ntables + 1); + tables[ntables] =3D g_new0(virDomainOSACPITableDef, 1); + tables[ntables]->type =3D type; + tables[ntables]->path =3D virFileSanitizePath(tmp); + ntables++; + + VIR_FREE(tmp); } =20 + def->os.nacpiTables =3D ntables; + def->os.acpiTables =3D tables; + return 0; + + error: + for (i =3D 0; i < ntables; i++) { + virDomainOSACPITableDefFree(tables[i]); + } + g_free(tables); + return -1; } =20 =20 
@@ -28490,11 +28530,16 @@ virDomainDefFormatInternalSetRootName(virDomainDe= f *def, def->os.dtb); virBufferEscapeString(buf, "%s\n", def->os.root); - if (def->os.slic_table) { + + if (def->os.nacpiTables) { virBufferAddLit(buf, "\n"); virBufferAdjustIndent(buf, 2); - virBufferEscapeString(buf, "%s
\n", - def->os.slic_table); + for (i =3D 0; i < def->os.nacpiTables; i++) { + virBufferAsprintf(buf, "", + virDomainOsACPITableTypeToString(def->os.acp= iTables[i]->type)); + virBufferEscapeString(buf, "%s
\n", + def->os.acpiTables[i]->path); + } virBufferAdjustIndent(buf, -2); virBufferAddLit(buf, "
\n"); } diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 9da6586e66..7735cce325 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2474,6 +2474,24 @@ typedef enum { =20 VIR_ENUM_DECL(virDomainOsDefFirmwareFeature); =20 +typedef enum { + VIR_DOMAIN_OS_ACPI_TABLE_TYPE_SLIC, + + VIR_DOMAIN_OS_ACPI_TABLE_TYPE_LAST +} virDomainOsACPITable; + +VIR_ENUM_DECL(virDomainOsACPITable); + +struct _virDomainOSACPITableDef { + int type; + char *path; +}; + +typedef struct _virDomainOSACPITableDef virDomainOSACPITableDef; +void virDomainOSACPITableDefFree(virDomainOSACPITableDef *def); +G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainOSACPITableDef, virDomainOSACPITabl= eDefFree); + + struct _virDomainOSDef { int type; virDomainOsDefFirmware firmware; @@ -2496,7 +2514,8 @@ struct _virDomainOSDef { char *cmdline; char *dtb; char *root; - char *slic_table; + size_t nacpiTables; + virDomainOSACPITableDef **acpiTables; virDomainLoaderDef *loader; char *bootloader; char *bootloaderArgs; diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index c404226e43..7fa1decd67 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -583,7 +583,13 @@ libxlMakeDomBuildInfo(virDomainDef *def, #endif =20 /* copy SLIC table path to acpi_firmware */ - b_info->u.hvm.acpi_firmware =3D g_strdup(def->os.slic_table); + for (i =3D 0; i < def->os.nacpiTables; i++) { + if (def->os.acpiTables[i]->type !=3D VIR_DOMAIN_OS_ACPI_TABLE_= TYPE_SLIC) + continue; + + b_info->u.hvm.acpi_firmware =3D g_strdup(def->os.acpiTables[i]= ->path); + break; + } =20 if (def->nsounds > 0) { /* diff --git a/src/libxl/xen_xl.c b/src/libxl/xen_xl.c index 53f6871efc..a9f41f9ee2 100644 --- a/src/libxl/xen_xl.c +++ b/src/libxl/xen_xl.c 
@@ -106,6 +106,7 @@ xenParseXLOS(virConf *conf, virDomainDef *def, virCaps = *caps) g_autofree char *bios =3D NULL; g_autofree char *bios_path =3D NULL; g_autofree char *boot =3D NULL; + g_autofree char *slic =3D NULL; int val =3D 0; =20 if (xenConfigGetString(conf, "bios", &bios, NULL) < 0) @@ -133,8 +134,15 @@ xenParseXLOS(virConf *conf, virDomainDef *def, virCaps= *caps) } } =20 - if (xenConfigCopyStringOpt(conf, "acpi_firmware", &def->os.slic_ta= ble) < 0) + if (xenConfigCopyStringOpt(conf, "acpi_firmware", &slic) < 0) return -1; + if (slic !=3D NULL) { + def->os.nacpiTables =3D 1; + def->os.acpiTables =3D g_new0(virDomainOSACPITableDef *, 1); + def->os.acpiTables[0] =3D g_new0(virDomainOSACPITableDef, 1); + def->os.acpiTables[0]->type =3D VIR_DOMAIN_OS_ACPI_TABLE_TYPE_= SLIC; + def->os.acpiTables[0]->path =3D g_steal_pointer(&slic); + } =20 if (xenConfigCopyStringOpt(conf, "kernel", &def->os.kernel) < 0) return -1; @@ -1134,9 +1142,15 @@ xenFormatXLOS(virConf *conf, virDomainDef *def) return -1; } =20 - if (def->os.slic_table && - xenConfigSetString(conf, "acpi_firmware", def->os.slic_table) = < 0) - return -1; + for (i =3D 0; i < def->os.nacpiTables; i++) { + if (def->os.acpiTables[i]->type !=3D VIR_DOMAIN_OS_ACPI_TABLE_= TYPE_SLIC) + continue; + + if (xenConfigSetString(conf, "acpi_firmware", + def->os.acpiTables[i]->path) < 0) + return -1; + break; + } =20 if (def->os.kernel && xenConfigSetString(conf, "kernel", def->os.kernel) < 0) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 54130ac4f0..1153d8e095 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -127,6 +127,11 @@ VIR_ENUM_IMPL(qemuNumaPolicy, "restrictive", ); =20 +VIR_ENUM_DECL(qemuACPITableSIG); +VIR_ENUM_IMPL(qemuACPITableSIG, + VIR_DOMAIN_OS_ACPI_TABLE_TYPE_LAST, + "SLIC"); + =20 const char * qemuAudioDriverTypeToString(virDomainAudioType type) 
@@ -5995,6 +6000,7 @@ qemuBuildBootCommandLine(virCommand *cmd, { g_auto(virBuffer) boot_buf =3D VIR_BUFFER_INITIALIZER; g_autofree char *boot_opts_str =3D NULL; + size_t i; =20 if (def->os.bootmenu) { if (def->os.bootmenu =3D=3D VIR_TRISTATE_BOOL_YES) @@ -6028,11 +6034,12 @@ qemuBuildBootCommandLine(virCommand *cmd, virCommandAddArgList(cmd, "-append", def->os.cmdline, NULL); if (def->os.dtb) virCommandAddArgList(cmd, "-dtb", def->os.dtb, NULL); - if (def->os.slic_table) { + for (i =3D 0; i < def->os.nacpiTables; i++) { g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; virCommandAddArg(cmd, "-acpitable"); - virBufferAddLit(&buf, "sig=3DSLIC,file=3D"); - virQEMUBuildBufferEscapeComma(&buf, def->os.slic_table); + virBufferAsprintf(&buf, "sig=3D%s,file=3D", + qemuACPITableSIGTypeToString(def->os.acpiTables[= i]->type)); + virQEMUBuildBufferEscapeComma(&buf, def->os.acpiTables[i]->path); virCommandAddArgBuffer(cmd, &buf); } =20 diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 0505f4e4a3..b4d61bc576 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -2050,9 +2050,10 @@ virSecurityDACRestoreAllLabel(virSecurityManager *mg= r, virSecurityDACRestoreFileLabel(mgr, def->os.dtb) < 0) rc =3D -1; =20 - if (def->os.slic_table && - virSecurityDACRestoreFileLabel(mgr, def->os.slic_table) < 0) - rc =3D -1; + for (i =3D 0; i < def->os.nacpiTables; i++) { + if (virSecurityDACRestoreFileLabel(mgr, def->os.acpiTables[i]->pat= h) < 0) + rc =3D -1; + } =20 if (def->pstore && virSecurityDACRestoreFileLabel(mgr, def->pstore->path) < 0) 
@@ -2300,11 +2301,12 @@ virSecurityDACSetAllLabel(virSecurityManager *mgr, user, group, true) < 0) return -1; =20 - if (def->os.slic_table && - virSecurityDACSetOwnership(mgr, NULL, - def->os.slic_table, - user, group, true) < 0) - return -1; + for (i =3D 0; i < def->os.nacpiTables; i++) { + if (virSecurityDACSetOwnership(mgr, NULL, + def->os.acpiTables[i]->path, + user, group, true) < 0) + return -1; + } =20 if (def->pstore && virSecurityDACSetOwnership(mgr, NULL, diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index cdc32d9b34..b8659e33d6 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -3013,9 +3013,10 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManager= *mgr, virSecuritySELinuxRestoreFileLabel(mgr, def->os.dtb, true) < 0) rc =3D -1; =20 - if (def->os.slic_table && - virSecuritySELinuxRestoreFileLabel(mgr, def->os.slic_table, true) = < 0) - rc =3D -1; + for (i =3D 0; i < def->os.nacpiTables; i++) { + if (virSecuritySELinuxRestoreFileLabel(mgr, def->os.acpiTables[i]-= >path, true) < 0) + rc =3D -1; + } =20 if (def->pstore && virSecuritySELinuxRestoreFileLabel(mgr, def->pstore->path, true) <= 0) @@ -3443,10 +3444,11 @@ virSecuritySELinuxSetAllLabel(virSecurityManager *m= gr, data->content_context, true) < 0) return -1; =20 - if (def->os.slic_table && - virSecuritySELinuxSetFilecon(mgr, def->os.slic_table, - data->content_context, true) < 0) - return -1; + for (i =3D 0; i < def->os.nacpiTables; i++) { + if (virSecuritySELinuxSetFilecon(mgr, def->os.acpiTables[i]->path, + data->content_context, true) < 0) + return -1; + } =20 if (def->pstore && virSecuritySELinuxSetFilecon(mgr, def->pstore->path, diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 1626d5a89c..939478a625 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c 
@@ -974,9 +974,10 @@ get_files(vahControl * ctl) if (vah_add_file(&buf, ctl->def->os.dtb, "r") !=3D 0) goto cleanup; =20 - if (ctl->def->os.slic_table) - if (vah_add_file(&buf, ctl->def->os.slic_table, "r") !=3D 0) + for (i =3D 0; i < def->os.nacpiTables; i++) { + if (vah_add_file(&buf, ctl->def->os.acpiTables[i]->path, "r") !=3D= 0) goto cleanup; + } =20 if (ctl->def->pstore) if (vah_add_file(&buf, ctl->def->pstore->path, "rw") !=3D 0) --=20 2.47.1
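
Review bot: In virDomainDefParseBootAcpiOptions() (src/conf/domain_conf.c), the duplicate-type check reads 'tables[j]' with the bound 'j < i', which is only correct because 'ntables' happens to advance in lockstep with 'i'. Bounding the scan with 'j < ntables' ties the index to the array actually being read and stays correct if a later change makes an iteration skip an entry. The outer loop also compares 'size_t i' against 'int n'; that is safe only because of the 'n < 0' early return just above it, so the two should stay together.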
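
Review bot: In src/conf/domain_conf.h the new enum is spelled 'virDomainOsACPITable' while the struct and its free function are 'virDomainOSACPITableDef' and 'virDomainOSACPITableDefFree', so the two halves of one feature differ only in the case of 'Os' versus 'OS'. Pick one spelling, and annotate 'int type;' in the struct with the enum it holds (or declare the field with the enum type) so a reader of the struct knows which values are valid.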
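
Review bot: In libxlMakeDomBuildInfo() (src/libxl/libxl_conf.c) and xenFormatXLOS() (src/libxl/xen_xl.c), entries whose type is not VIR_DOMAIN_OS_ACPI_TABLE_TYPE_SLIC are skipped with 'continue', so once a second table type exists a Xen guest configured with it would have that table dropped without any error. Reporting an unsupported-configuration error for unhandled types would be safer than ignoring them; the existing comment 'copy SLIC table path to acpi_firmware' could also say that the loop stops at the first SLIC entry.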
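
Review bot: In get_files() (src/security/virt-aa-helper.c), the new loop bound reads 'def->os.nacpiTables' while the loop body and every neighbouring context line go through 'ctl->def->'. No local 'def' is visible in this hunk, so unless one is declared earlier in the function this will not compile; use 'ctl->def->os.nacpiTables' for the bound so it matches the body and the AppArmor profile gets a rule for each table path.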