6:51 a.m.
Some configuration setups for guests are allowed, but strongly
discouraged and unsupportable in production systems. Introduce
a concept of 'tainting' to virDomainObjPtr to allow such setups
to be identified. Drivers can then log warnings at suitable
times
* src/conf/domain_conf.c, src/conf/domain_conf.h: Declare taint
flags and add parsing/formatting of domain status XML
---
src/conf/domain_conf.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++
src/conf/domain_conf.h | 16 ++++++++++++++
src/libvirt_private.syms | 3 ++
3 files changed, 70 insertions(+), 0 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 2a681d9..8fe375f 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -50,6 +50,13 @@
#define VIR_FROM_THIS VIR_FROM_DOMAIN
+VIR_ENUM_IMPL(virDomainTaint, VIR_DOMAIN_TAINT_LAST,
+ "custom-argv",
+ "custom-monitor",
+ "high-privileges",
+ "shell-scripts",
+ "disk-probing");
+
VIR_ENUM_IMPL(virDomainVirt, VIR_DOMAIN_VIRT_LAST,
"qemu",
"kqemu",
@@ -510,6 +517,20 @@ virDomainObjPtr virDomainFindByName(const virDomainObjListPtr doms,
return obj;
}
+
+bool virDomainObjTaint(virDomainObjPtr obj,
+ enum virDomainTaintFlags taint)
+{
+ int flag = (1 << taint);
+
+ if (obj->taint & flag)
+ return false;
+
+ obj->taint |= flag;
+ return true;
+}
+
+
static void
virDomainGraphicsAuthDefClear(virDomainGraphicsAuthDefPtr def)
{
@@ -6250,6 +6271,8 @@ static virDomainObjPtr virDomainObjParseXML(virCapsPtr caps,
xmlNodePtr config;
xmlNodePtr oldnode;
virDomainObjPtr obj;
+ xmlNodePtr *nodes = NULL;
+ int i, n;
if (!(obj = virDomainObjNew(caps)))
return NULL;
@@ -6288,6 +6311,26 @@ static virDomainObjPtr virDomainObjParseXML(virCapsPtr caps,
}
obj->pid = (pid_t)val;
+ if ((n = virXPathNodeSet("./taint", ctxt, &nodes)) < 0) {
+ virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ "%s", _("failed to parse taint
flags"));
+ goto error;
+ }
+ for (i = 0 ; i < n ; i++) {
+ char *str = virXMLPropString(nodes[i], "flag");
+ if (str) {
+ int flag = virDomainTaintTypeFromString(str);
+ VIR_FREE(str);
+ if (flag < 0) {
+ virDomainReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Unknown taint flag %s"), str);
+ goto error;
+ }
+ virDomainObjTaint(obj, flag);
+ }
+ }
+ VIR_FREE(nodes);
+
if (caps->privateDataXMLParse &&
((caps->privateDataXMLParse)(ctxt, obj->privateData)) < 0)
goto error;
@@ -6297,6 +6340,7 @@ static virDomainObjPtr virDomainObjParseXML(virCapsPtr caps,
error:
/* obj was never shared, so unref should return 0 */
ignore_value(virDomainObjUnref(obj));
+ VIR_FREE(nodes);
return NULL;
}
@@ -8454,11 +8498,18 @@ static char *virDomainObjFormat(virCapsPtr caps,
{
char *config_xml = NULL;
virBuffer buf = VIR_BUFFER_INITIALIZER;
+ int i;
virBufferVSprintf(&buf, "<domstatus state='%s'
pid='%d'>\n",
virDomainStateTypeToString(obj->state),
obj->pid);
+ for (i = 0 ; i < VIR_DOMAIN_TAINT_LAST ; i++) {
+ if (obj->taint & (1 << i))
+ virBufferVSprintf(&buf, " <taint
flag='%s'/>\n",
+ virDomainTaintTypeToString(i));
+ }
+
if (caps->privateDataXMLFormat &&
((caps->privateDataXMLFormat)(&buf, obj->privateData)) < 0)
goto error;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 1dadf98..a0f820c 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1182,6 +1182,16 @@ struct _virDomainDef {
virDomainXMLNamespace ns;
};
+enum virDomainTaintFlags {
+ VIR_DOMAIN_TAINT_CUSTOM_ARGV, /* Custom ARGV passthrough from XML */
+ VIR_DOMAIN_TAINT_CUSTOM_MONITOR, /* Custom monitor commands issued */
+ VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, /* Running with undesirably high privileges */
+ VIR_DOMAIN_TAINT_SHELL_SCRIPTS, /* Network configuration using opaque shell
scripts */
+ VIR_DOMAIN_TAINT_DISK_PROBING, /* Relying on potentially unsafe disk format
probing */
+
+ VIR_DOMAIN_TAINT_LAST
+};
+
/* Guest VM runtime state */
typedef struct _virDomainObj virDomainObj;
typedef virDomainObj *virDomainObjPtr;
@@ -1204,6 +1214,8 @@ struct _virDomainObj {
void *privateData;
void (*privateDataFreeFunc)(void *);
+
+ int taint;
};
typedef struct _virDomainObjList virDomainObjList;
@@ -1231,6 +1243,8 @@ virDomainObjPtr virDomainFindByUUID(const virDomainObjListPtr doms,
virDomainObjPtr virDomainFindByName(const virDomainObjListPtr doms,
const char *name);
+bool virDomainObjTaint(virDomainObjPtr obj,
+ enum virDomainTaintFlags taint);
void virDomainGraphicsDefFree(virDomainGraphicsDefPtr def);
void virDomainInputDefFree(virDomainInputDefPtr def);
@@ -1429,6 +1443,8 @@ int virDomainDiskDefForeachPath(virDomainDiskDefPtr disk,
typedef const char* (*virLifecycleToStringFunc)(int type);
typedef int (*virLifecycleFromStringFunc)(const char *type);
+VIR_ENUM_DECL(virDomainTaint)
+
VIR_ENUM_DECL(virDomainVirt)
VIR_ENUM_DECL(virDomainBoot)
VIR_ENUM_DECL(virDomainFeature)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 1b22be6..508b044 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -300,6 +300,7 @@ virDomainObjListNumOfDomains;
virDomainObjLock;
virDomainObjRef;
virDomainObjSetDefTransient;
+virDomainObjTaint;
virDomainObjUnlock;
virDomainObjUnref;
virDomainRemoveInactive;
@@ -324,6 +325,8 @@ virDomainSoundModelTypeFromString;
virDomainSoundModelTypeToString;
virDomainStateTypeFromString;
virDomainStateTypeToString;
+virDomainTaintTypeFromString;
+virDomainTaintTypeToString;
virDomainTimerModeTypeFromString;
virDomainTimerModeTypeToString;
virDomainTimerNameTypeFromString;
--
1.7.4.4