On 05.12.2013 22:54, Eric Blake wrote:
On a system that is enforcing FIPS, most libraries honor the current mode by default. Qemu, on the other hand, refused to honor FIPS mode unless you add the '-enable-fips' command line option; worse, this option is not discoverable via QMP, and is only present on binaries built for Linux. As far as I can tell, unconditionally using the option when it is available has no negative consequences (the option has no change to qemu behavior except when FIPS is enabled, at which point it cripples insecure VNC passwords which is the one thing that libvirt must not allow when FIPS is active).
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1035474
* src/qemu/qemu_capabilities.h (QEMU_CAPS_ENABLE_FIPS): New bit. * src/qemu/qemu_capabilities.c (virQEMUCapsInitQMPBasic): Conditionally set capability. * src/qemu/qemu_command.c (qemuBuildCommandLine): Use it. * tests/qemucapabilitiestest.c (testQemuCaps): Unconditionally set capability. * tests/qemucapabilitiesdata/caps_1.2.2-1.caps: Update list. * tests/qemucapabilitiesdata/caps_1.3.1-1.caps: Likewise. * tests/qemucapabilitiesdata/caps_1.4.2-1.caps: Likewise. * tests/qemucapabilitiesdata/caps_1.5.3-1.caps: Likewise. * tests/qemucapabilitiesdata/caps_1.6.0-1.caps: Likewise. * tests/qemucapabilitiesdata/caps_1.6.50-1.caps: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com> --- src/qemu/qemu_capabilities.c | 7 +++++++ src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_command.c | 2 ++ tests/qemucapabilitiesdata/caps_1.2.2-1.caps | 1 + tests/qemucapabilitiesdata/caps_1.3.1-1.caps | 1 + tests/qemucapabilitiesdata/caps_1.4.2-1.caps | 1 + tests/qemucapabilitiesdata/caps_1.5.3-1.caps | 1 + tests/qemucapabilitiesdata/caps_1.6.0-1.caps | 1 + tests/qemucapabilitiesdata/caps_1.6.50-1.caps | 1 + tests/qemucapabilitiestest.c | 6 ++++++ 10 files changed, 22 insertions(+)
Sigh, oh boy, <your favorite swear-word>. ACK. Michal