QEMU supports only 'raw' and 'telnet' in the <protocol type='telnets'/> element. Reject 'telnets' and 'tls'. TLS transport for qemu chardevs is instead configured via the "tls='yes'" attribute added to the "<source>" element, so this prevents a potential misconfiguration where the value would otherwise be silently accepted.
Closes:
https://gitlab.com/libvirt/libvirt/-/issues/412
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_validate.c | 19 +++++++++++++++
...rial-tcp-chardev-telnets.x86_64-latest.err | 1 +
.../serial-tcp-chardev-telnets.xml | 23 +++++++++++++++++++
tests/qemuxmlconftest.c | 1 +
4 files changed, 44 insertions(+)
create mode 100644 tests/qemuxmlconfdata/serial-tcp-chardev-telnets.x86_64-latest.err
create mode 100644 tests/qemuxmlconfdata/serial-tcp-chardev-telnets.xml
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 1954daea52..fa23c5f973 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -2044,6 +2044,25 @@ qemuValidateDomainChrSourceDef(const virDomainChrSourceDef *def,
{
switch ((virDomainChrType)def->type) {
case VIR_DOMAIN_CHR_TYPE_TCP:
+ switch (def->data.tcp.protocol) {
+ case VIR_DOMAIN_CHR_TCP_PROTOCOL_RAW:
+ case VIR_DOMAIN_CHR_TCP_PROTOCOL_TELNET:
+ break;
+
+ case VIR_DOMAIN_CHR_TCP_PROTOCOL_TELNETS:
+ case VIR_DOMAIN_CHR_TCP_PROTOCOL_TLS:
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("tcp chardev protocol '%1$s' not
supported"),
+
virDomainChrTcpProtocolTypeToString(def->data.tcp.protocol));
+ return -1;
+
+ case VIR_DOMAIN_CHR_TCP_PROTOCOL_LAST:
+ default:
+ virReportEnumRangeError(virDomainChrTcpProtocol, def->data.tcp.protocol);
+ return -1;
+
+ }
+
if (qemuValidateDomainChrSourceReconnectDef(&def->data.tcp.reconnect) <
0)
return -1;
break;
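Review bot: The branch rejecting `VIR_DOMAIN_CHR_TCP_PROTOCOL_TELNETS` and `VIR_DOMAIN_CHR_TCP_PROTOCOL_TLS` does not tell the user how to get an encrypted chardev, although someone who wrote `type='tls'` most likely wanted encryption. A comment above those two cases such as `/* TLS for qemu chardevs is requested via tls='yes' on <source>, not via <protocol> */` would record the reason, and the error text could carry the same hint (the expected `.err` file would then need to follow). Separately, the new inner switch uses `def->data.tcp.protocol` without an enum cast, unlike the outer `switch ((virDomainChrType)def->type)`. If that field is declared as `int`, the compiler will not check that every protocol value is handled, so `switch ((virDomainChrTcpProtocol)def->data.tcp.protocol)` may be needed; confirm against the struct definition. The enclosing function starts and ends outside this hunk.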
diff --git a/tests/qemuxmlconfdata/serial-tcp-chardev-telnets.x86_64-latest.err
b/tests/qemuxmlconfdata/serial-tcp-chardev-telnets.x86_64-latest.err
new file mode 100644
index 0000000000..6447c96cd9
--- /dev/null
+++ b/tests/qemuxmlconfdata/serial-tcp-chardev-telnets.x86_64-latest.err
@@ -0,0 +1 @@
+unsupported configuration: tcp chardev protocol 'tls' not supported
diff --git a/tests/qemuxmlconfdata/serial-tcp-chardev-telnets.xml
b/tests/qemuxmlconfdata/serial-tcp-chardev-telnets.xml
new file mode 100644
index 0000000000..07c36e0fa0
--- /dev/null
+++ b/tests/qemuxmlconfdata/serial-tcp-chardev-telnets.xml
@@ -0,0 +1,23 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219136</memory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ </os>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <serial type='tcp'>
+ <source mode='connect' host='127.0.0.1'
service='9999'/>
+ <protocol type='tls'/>
+ <target port='0'/>
+ </serial>
+ <console type='tcp'>
+ <source mode='connect' host='127.0.0.1'
service='9999'/>
+ <protocol type='telnets'/>
+ <target port='0'/>
+ </console>
+ <memballoon model='virtio'/>
+ </devices>
+</domain>
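Review bot: The expected error in `serial-tcp-chardev-telnets.x86_64-latest.err` only names `'tls'`, so nothing here shows that the `<console>` carrying `<protocol type='telnets'/>` is rejected; presumably validation stops at the first failing device. Despite the file name, the `telnets` value is therefore effectively untested. Splitting this into two input files, one per rejected protocol value and each with its own `.err`, would pin both cases.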
diff --git a/tests/qemuxmlconftest.c b/tests/qemuxmlconftest.c
index 323fd9d721..821b8da25a 100644
--- a/tests/qemuxmlconftest.c
+++ b/tests/qemuxmlconftest.c
@@ -1838,6 +1838,7 @@ mymain(void)
DO_TEST_CAPS_LATEST("serial-unix-chardev");
DO_TEST_CAPS_LATEST_PARSE_ERROR("serial-unix-missing-source");
DO_TEST_CAPS_LATEST("serial-tcp-chardev");
+ DO_TEST_CAPS_LATEST_PARSE_ERROR("serial-tcp-chardev-telnets");
DO_TEST_CAPS_LATEST("serial-udp-chardev");
DO_TEST_CAPS_LATEST("serial-tcp-telnet-chardev");
driver.config->chardevTLS = 1;
--
2.46.0