From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH 7/7] schema: secret: Relax requirements for usage name
Date: Wed, 6 Jan 2021 17:58:01 +0100

There's plenty of existing documentation [1] which shows as example a name
which contains a space and a dot ('client.admin secret') as ceph usage name.

Use a more relaxed type in the RNG schema since the usage name is actually
just a string used to look up the secret.

[1]: https://docs.ceph.com/en/latest/rbd/libvirt/#configuring-the-vm
     https://documentation.suse.com/ses/6/html/ses-all/cha-ceph-libvirt.html#ceph-libvirt-cfg-vm

Libvirt docs were correct though:
https://libvirt.org/formatsecret.html#CephUsageType

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1689168
Signed-off-by: Peter Krempa --- docs/schemas/domaincommon.rng | 2 +- docs/schemas/secret.rng | 8 ++--- .../disk-network-source-auth.args | 8 ++++- ...isk-network-source-auth.x86_64-2.12.0.args | 9 ++++++ ...isk-network-source-auth.x86_64-latest.args | 29 ++++++++++++++----- .../disk-network-source-auth.xml | 12 ++++++++ tests/qemuxml2argvtest.c | 3 +- .../disk-network-source-auth.xml | 13 +++++++++ tests/secretxml2xmlin/usage-ceph-space.xml | 7 +++++ tests/secretxml2xmltest.c | 1 + 10 files changed, 77 insertions(+), 15 deletions(-) create mode 100644 tests/secretxml2xmlin/usage-ceph-space.xml diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 4fc6a7ee7a..701db7e7d2 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -6261,7 +6261,7 @@ - + diff --git a/docs/schemas/secret.rng b/docs/schemas/secret.rng index 1aafe03e61..c90e2eb81f 100644 --- a/docs/schemas/secret.rng +++ b/docs/schemas/secret.rng @@ -60,7 +60,7 @@ ceph - + @@ -69,7 +69,7 @@ iscsi - + @@ -78,7 +78,7 @@ tls - + @@ -87,7 +87,7 @@ vtpm - + diff --git a/tests/qemuxml2argvdata/disk-network-source-auth.args b/tests/q= emuxml2argvdata/disk-network-source-auth.args index e68b81fde0..18d48b263f 100644 --- a/tests/qemuxml2argvdata/disk-network-source-auth.args +++ b/tests/qemuxml2argvdata/disk-network-source-auth.args 
@@ -35,4 +35,10 @@ key=3DQVFDVm41aE82SHpGQWhBQXEwTkN2OGp0SmNJY0UrSE9CbE1RMU= E=3D:\ auth_supported=3Dcephx\;none:mon_host=3Dmon1.example.org\:6321\;mon2.examp= le.org\:\ 6322\;mon3.example.org\:6322,format=3Draw,if=3Dnone,id=3Ddrive-virtio-disk= 1' \ -device virtio-blk-pci,bus=3Dpci.0,addr=3D0x4,drive=3Ddrive-virtio-disk1,\ -id=3Dvirtio-disk1 +id=3Dvirtio-disk1 \ +-drive 'file=3Drbd:pool/image2:id=3Dmyname:\ +key=3DQVFDVm41aE82SHpGQWhBQXEwTkN2OGp0SmNJY0UrSE9CbE1RMUE=3D:\ +auth_supported=3Dcephx\;none:mon_host=3Dmon1.example.org\:6321\;mon2.examp= le.org\:\ +6322\;mon3.example.org\:6322,format=3Draw,if=3Dnone,id=3Ddrive-virtio-disk= 2' \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x5,drive=3Ddrive-virtio-disk2,\ +id=3Dvirtio-disk2 diff --git a/tests/qemuxml2argvdata/disk-network-source-auth.x86_64-2.12.0.= args b/tests/qemuxml2argvdata/disk-network-source-auth.x86_64-2.12.0.args index 279d5c73ec..0ccf3df106 100644 --- a/tests/qemuxml2argvdata/disk-network-source-auth.x86_64-2.12.0.args +++ b/tests/qemuxml2argvdata/disk-network-source-auth.x86_64-2.12.0.args @@ -45,6 +45,15 @@ mon_host=3Dmon1.example.org\:6321\;mon2.example.org\:632= 2\;mon3.example.org\:\ id=3Ddrive-virtio-disk1' \ -device virtio-blk-pci,scsi=3Doff,bus=3Dpci.0,addr=3D0x3,drive=3Ddrive-vir= tio-disk1,\ id=3Dvirtio-disk1 \ +-object secret,id=3Dvirtio-disk2-auth-secret0,\ +data=3D9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=3DmasterKey0,iv=3DAAECAwQFBgcICQoLDA0ODw=3D=3D,format=3Dbase64 \ +-drive 'file=3Drbd:pool/image2:id=3Dmyname:auth_supported=3Dcephx\;none:\ +mon_host=3Dmon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.or= g\:\ +6322,file.password-secret=3Dvirtio-disk2-auth-secret0,format=3Draw,if=3Dno= ne,\ +id=3Ddrive-virtio-disk2' \ +-device virtio-blk-pci,scsi=3Doff,bus=3Dpci.0,addr=3D0x4,drive=3Ddrive-vir= tio-disk2,\ +id=3Dvirtio-disk2 \ -sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ resourcecontrol=3Ddeny \ -msg timestamp=3Don 
diff --git a/tests/qemuxml2argvdata/disk-network-source-auth.x86_64-latest.= args b/tests/qemuxml2argvdata/disk-network-source-auth.x86_64-latest.args index 257ca1376c..879a52123c 100644 --- a/tests/qemuxml2argvdata/disk-network-source-auth.x86_64-latest.args +++ b/tests/qemuxml2argvdata/disk-network-source-auth.x86_64-latest.args 
@@ -29,21 +29,34 @@ file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ -no-acpi \ -boot strict=3Don \ -device piix3-usb-uhci,id=3Dusb,bus=3Dpci.0,addr=3D0x1.0x2 \ --object secret,id=3Dlibvirt-2-storage-auth-secret0,\ +-object secret,id=3Dlibvirt-3-storage-auth-secret0,\ data=3D9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ keyid=3DmasterKey0,iv=3DAAECAwQFBgcICQoLDA0ODw=3D=3D,format=3Dbase64 \ -blockdev '{"driver":"iscsi","portal":"example.org:6000",\ "target":"iqn.1992-01.com.example:storage","lun":1,"transport":"tcp",\ -"user":"myname","password-secret":"libvirt-2-storage-auth-secret0",\ -"node-name":"libvirt-2-storage","auto-read-only":true,"discard":"unmap"}' \ +"user":"myname","password-secret":"libvirt-3-storage-auth-secret0",\ +"node-name":"libvirt-3-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-3-format","read-only":false,"driver":"raw= ",\ +"file":"libvirt-3-storage"}' \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x2,drive=3Dlibvirt-3-format,\ +id=3Dvirtio-disk0,bootindex=3D1 \ +-object secret,id=3Dlibvirt-2-storage-auth-secret0,\ +data=3D9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=3DmasterKey0,iv=3DAAECAwQFBgcICQoLDA0ODw=3D=3D,format=3Dbase64 \ +-blockdev '{"driver":"rbd","pool":"pool","image":"image",\ +"server":[{"host":"mon1.example.org","port":"6321"},{"host":"mon2.example.= org",\ +"port":"6322"},{"host":"mon3.example.org","port":"6322"}],"user":"myname",\ +"auth-client-required":["cephx","none"],\ +"key-secret":"libvirt-2-storage-auth-secret0","node-name":"libvirt-2-stora= ge",\ +"auto-read-only":true,"discard":"unmap"}' \ -blockdev '{"node-name":"libvirt-2-format","read-only":false,"driver":"raw= ",\ "file":"libvirt-2-storage"}' \ --device virtio-blk-pci,bus=3Dpci.0,addr=3D0x2,drive=3Dlibvirt-2-format,\ -id=3Dvirtio-disk0,bootindex=3D1 \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x3,drive=3Dlibvirt-2-format,\ +id=3Dvirtio-disk1 \ -object 
secret,id=3Dlibvirt-1-storage-auth-secret0,\ data=3D9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ keyid=3DmasterKey0,iv=3DAAECAwQFBgcICQoLDA0ODw=3D=3D,format=3Dbase64 \ --blockdev '{"driver":"rbd","pool":"pool","image":"image",\ +-blockdev '{"driver":"rbd","pool":"pool","image":"image2",\ "server":[{"host":"mon1.example.org","port":"6321"},{"host":"mon2.example.= org",\ "port":"6322"},{"host":"mon3.example.org","port":"6322"}],"user":"myname",\ "auth-client-required":["cephx","none"],\ @@ -51,8 +64,8 @@ keyid=3DmasterKey0,iv=3DAAECAwQFBgcICQoLDA0ODw=3D=3D,form= at=3Dbase64 \ "auto-read-only":true,"discard":"unmap"}' \ -blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw= ",\ "file":"libvirt-1-storage"}' \ --device virtio-blk-pci,bus=3Dpci.0,addr=3D0x3,drive=3Dlibvirt-1-format,\ -id=3Dvirtio-disk1 \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x4,drive=3Dlibvirt-1-format,\ +id=3Dvirtio-disk2 \ -sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ resourcecontrol=3Ddeny \ -msg timestamp=3Don diff --git a/tests/qemuxml2argvdata/disk-network-source-auth.xml b/tests/qe= muxml2argvdata/disk-network-source-auth.xml index 7cc5c96ae7..0f8d29070f 100644 --- a/tests/qemuxml2argvdata/disk-network-source-auth.xml +++ b/tests/qemuxml2argvdata/disk-network-source-auth.xml @@ -36,6 +36,18 @@ + + + + + + + + + + + + diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index d2712e0dce..b63ba29739 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -64,7 +64,8 @@ fakeSecretLookupByUsage(virConnectPtr conn, usageID); return NULL; } - } else if (STRNEQ(usageID, "mycluster_myname")) { + } else if (STRNEQ(usageID, "mycluster_myname") && + STRNEQ(usageID, "client.admin secret")) { virReportError(VIR_ERR_INTERNAL_ERROR, "test provided incorrect usage '%s'", usageID); return NULL; 
diff --git a/tests/qemuxml2xmloutdata/disk-network-source-auth.xml b/tests/= qemuxml2xmloutdata/disk-network-source-auth.xml index b9f06448c1..d9c85c478d 100644 --- a/tests/qemuxml2xmloutdata/disk-network-source-auth.xml +++ b/tests/qemuxml2xmloutdata/disk-network-source-auth.xml @@ -38,6 +38,19 @@
+ + + + + + + + + + + +
+
diff --git a/tests/secretxml2xmlin/usage-ceph-space.xml b/tests/secretxml2x= mlin/usage-ceph-space.xml new file mode 100644 index 0000000000..557b12474d --- /dev/null +++ b/tests/secretxml2xmlin/usage-ceph-space.xml @@ -0,0 +1,7 @@ + + f52a81b2-424e-490c-823d-6bd4235bc573 + Ceph secret with space and dot + + client.admin secret + + diff --git a/tests/secretxml2xmltest.c b/tests/secretxml2xmltest.c index 9eb3c460e7..74a262e1e8 100644 --- a/tests/secretxml2xmltest.c +++ b/tests/secretxml2xmltest.c @@ -74,6 +74,7 @@ mymain(void) DO_TEST("ephemeral-usage-volume"); DO_TEST("usage-volume"); DO_TEST("usage-ceph"); + DO_TEST("usage-ceph-space"); DO_TEST("usage-iscsi"); DO_TEST("usage-tls"); DO_TEST("usage-vtpm"); --=20 2.29.2
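Review bot: The commit message motivates the relaxed usage-name type only for ceph ('client.admin secret'), but the docs/schemas/secret.rng hunks at -60, -69, -78 and -87 change the line under ceph, iscsi, tls and vtpm alike, and the only new secretxml2xml input is usage-ceph-space. Either state in the commit message that all four usage types are relaxed on purpose, or add matching inputs (for example an iscsi or tls usage name containing a space) so the wider schema change is exercised.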
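Review bot: In the tests/qemuxml2argvtest.c hunk, fakeSecretLookupByUsage() now accepts "client.admin secret" in the same else-branch as "mycluster_myname", so either literal passes wherever that branch is reached and the test no longer verifies that a disk requested the usage name its own XML carries. Consider selecting the expected usage ID by usage type, or at least add a comment above the condition saying which test input each literal belongs to.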
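Review bot: tests/secretxml2xmlin/usage-ceph-space.xml covers a single accepted value (an inner space and a dot), and nothing in the patch pins down what the relaxed type still rejects. Because the commit message says the name is just a string used to look up the secret, a negative case such as an empty name, or a name with leading or trailing whitespace, would document whether those are meant to be valid and would keep secret lookups from silently depending on how whitespace is handled.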