[PATCH 0/4] network port create: add support for validation against schema

Kristina Hanicova (4): api: add VIR_NETWORK_PORT_CREATE_VALIDATE flag conf: virnetworkportdef: add validation against schema in network port create bridge_driver: allow VIR_NETWORK_PORT_CREATE_VALIDATE flag virsh: add support for '--validate' option in create network port docs/manpages/virsh.rst | 4 +++- include/libvirt/libvirt-network.h | 1 + src/conf/domain_conf.c | 2 +- src/conf/virnetworkportdef.c | 14 +++++++++----- src/conf/virnetworkportdef.h | 3 ++- src/libvirt-network.c | 2 +- src/network/bridge_driver.c | 5 +++-- tools/virsh-network.c | 10 +++++++++- 8 files changed, 29 insertions(+), 12 deletions(-) -- 2.31.1

Signed-off-by: Kristina Hanicova <khanicov@redhat.com> --- include/libvirt/libvirt-network.h | 1 + src/libvirt-network.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/include/libvirt/libvirt-network.h b/include/libvirt/libvirt-network.h index 0a49c1888e..e8c008cfc8 100644 --- a/include/libvirt/libvirt-network.h +++ b/include/libvirt/libvirt-network.h @@ -367,6 +367,7 @@ virNetworkPortLookupByUUIDString(virNetworkPtr net, typedef enum { VIR_NETWORK_PORT_CREATE_RECLAIM = (1 << 0), /* reclaim existing used resources */ + VIR_NETWORK_PORT_CREATE_VALIDATE = 1 << 1, /* Validate the XML document against schema */ } virNetworkPortCreateFlags; virNetworkPortPtr diff --git a/src/libvirt-network.c b/src/libvirt-network.c index 5829996301..cf32912063 100644 --- a/src/libvirt-network.c +++ b/src/libvirt-network.c @@ -1485,7 +1485,7 @@ virNetworkPortGetParameters(virNetworkPortPtr port, * virNetworkPortCreateXML: * @net: pointer to the network object * @xmldesc: an XML description of the port - * @flags: currently unused, pass 0 + * @flags: bitwise-OR of virNetworkPortCreateFlags * * Create a new network port, based on an XML description * similar to the one returned by virNetworkPortGetXMLDesc() -- 2.31.1
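Review bot: The new enumerator in virNetworkPortCreateFlags is written `1 << 1` while the existing one beside it is `(1 << 0)`; parenthesise it to match, `VIR_NETWORK_PORT_CREATE_VALIDATE = (1 << 1),`. Its comment could also record that validation is chosen by the caller per call, so the daemon cannot treat it as input hardening, for example `/* Validate the XML document against schema (opt-in; parsing must stay strict without it) */`.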

We need to validate the XML against schema if option '--validate' was passed to the virsh command. This patch also includes propagation of flags into the virNetworkPortDefParse(). Signed-off-by: Kristina Hanicova <khanicov@redhat.com> --- src/conf/domain_conf.c | 2 +- src/conf/virnetworkportdef.c | 14 +++++++++----- src/conf/virnetworkportdef.h | 3 ++- src/network/bridge_driver.c | 2 +- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 6127513117..dbefc98ee8 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -30330,7 +30330,7 @@ virDomainNetCreatePort(virConnectPtr conn, VIR_FREE(portxml); if (!(portxml = virNetworkPortGetXMLDesc(port, 0)) || - !(portdef = virNetworkPortDefParseString(portxml)) || + !(portdef = virNetworkPortDefParseString(portxml, 0)) || virDomainNetDefActualFromNetworkPort(iface, portdef) < 0) { virErrorPreserveLast(&save_err); virNetworkPortDelete(port, 0); diff --git a/src/conf/virnetworkportdef.c b/src/conf/virnetworkportdef.c index c1749eebe0..1ca1eddb5a 100644 --- a/src/conf/virnetworkportdef.c +++ b/src/conf/virnetworkportdef.c @@ -287,12 +287,15 @@ virNetworkPortDefParseNode(xmlDocPtr xml, static virNetworkPortDef * virNetworkPortDefParse(const char *xmlStr, - const char *filename) + const char *filename, + unsigned int flags) { virNetworkPortDef *def = NULL; g_autoptr(xmlDoc) xml = NULL; - if ((xml = virXMLParse(filename, xmlStr, _("(networkport_definition)"), NULL, false))) { + if ((xml = virXMLParse(filename, xmlStr, _("(networkport_definition)"), + "networkport.rng", + flags & VIR_NETWORK_PORT_CREATE_VALIDATE))) { def = virNetworkPortDefParseNode(xml, xmlDocGetRootElement(xml)); } 
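Review bot: virNetworkPortDefParse in src/conf/virnetworkportdef.c now takes the public virNetworkPortCreateFlags bits, but nothing at the function says which of them it honours. Only VIR_NETWORK_PORT_CREATE_VALIDATE is tested in the virXMLParse() call, and every other bit is silently ignored. A short comment above the definition would record that, e.g. `/* @flags: only VIR_NETWORK_PORT_CREATE_VALIDATE is honoured; schema validation is optional, so virNetworkPortDefParseNode() must reject malformed input on its own */`. The function body continues past the end of this hunk.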
@@ -301,16 +304,17 @@ virNetworkPortDefParse(const char *xmlStr, virNetworkPortDef * -virNetworkPortDefParseString(const char *xmlStr) +virNetworkPortDefParseString(const char *xmlStr, + unsigned int flags) { - return virNetworkPortDefParse(xmlStr, NULL); + return virNetworkPortDefParse(xmlStr, NULL, flags); } virNetworkPortDef * virNetworkPortDefParseFile(const char *filename) { - return virNetworkPortDefParse(NULL, filename); + return virNetworkPortDefParse(NULL, filename, 0); } diff --git a/src/conf/virnetworkportdef.h b/src/conf/virnetworkportdef.h index 0ac232d16a..5c7cd2953e 100644 --- a/src/conf/virnetworkportdef.h +++ b/src/conf/virnetworkportdef.h @@ -86,7 +86,8 @@ virNetworkPortDefParseNode(xmlDocPtr xml, xmlNodePtr root); virNetworkPortDef * -virNetworkPortDefParseString(const char *xml); +virNetworkPortDefParseString(const char *xml, + unsigned int flags); virNetworkPortDef * virNetworkPortDefParseFile(const char *filename); diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index e8b9ffa1fc..7513ddad48 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -5287,7 +5287,7 @@ networkPortCreateXML(virNetworkPtr net, def = virNetworkObjGetDef(obj); - if (!(portdef = virNetworkPortDefParseString(xmldesc))) + if (!(portdef = virNetworkPortDefParseString(xmldesc, 0))) goto cleanup; if (virNetworkPortCreateXMLEnsureACL(net->conn, def, portdef) < 0) -- 2.31.1
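Review bot: virNetworkPortDefParseFile passes a literal `0`, so a port definition read from a file is never checked against networkport.rng and its callers have no way to ask for it. If that is deliberate because those files are presumably written by the daemon itself, say so at the call, e.g. `/* files are daemon-written state; no schema validation */`. Otherwise give virNetworkPortDefParseFile a `flags` parameter in the same way as virNetworkPortDefParseString.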

Signed-off-by: Kristina Hanicova <khanicov@redhat.com> --- src/network/bridge_driver.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 7513ddad48..06822fb3a0 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -5280,14 +5280,15 @@ networkPortCreateXML(virNetworkPtr net, virNetworkPortPtr ret = NULL; int rc; - virCheckFlags(VIR_NETWORK_PORT_CREATE_RECLAIM, NULL); + virCheckFlags(VIR_NETWORK_PORT_CREATE_RECLAIM | + VIR_NETWORK_PORT_CREATE_VALIDATE, NULL); if (!(obj = networkObjFromNetwork(net))) return ret; def = virNetworkObjGetDef(obj); - if (!(portdef = virNetworkPortDefParseString(xmldesc, 0))) + if (!(portdef = virNetworkPortDefParseString(xmldesc, flags))) goto cleanup; if (virNetworkPortCreateXMLEnsureACL(net->conn, def, portdef) < 0) -- 2.31.1
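Review bot: The call `virNetworkPortDefParseString(xmldesc, flags)` hands the caller's whole flag word to the conf parser, including VIR_NETWORK_PORT_CREATE_RECLAIM, which the parser has no use for. Passing `flags & VIR_NETWORK_PORT_CREATE_VALIDATE` would keep driver-only bits out of the conf layer. The parse, and with the flag set the schema validation, also runs on caller-supplied XML before virNetworkPortCreateXMLEnsureACL(). That ordering predates this patch and looks unavoidable because the ACL check takes portdef, but a comment such as `/* parse first: the ACL check needs portdef, so xmldesc is still untrusted here */` would make it explicit. networkPortCreateXML starts and ends outside the hunk.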

Signed-off-by: Kristina Hanicova <khanicov@redhat.com> --- docs/manpages/virsh.rst | 4 +++- tools/virsh-network.c | 10 +++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst index 2204bed3bb..c699b198fb 100644 --- a/docs/manpages/virsh.rst +++ b/docs/manpages/virsh.rst @@ -5452,10 +5452,12 @@ net-port-create :: - net-port-create network file + net-port-create network file [--validate] Allocate a new network port reserving resources based on the port description. +Optionally, the format of the input XML file can be validated against an +internal RNG schema with *--validate*. net-port-dumpxml diff --git a/tools/virsh-network.c b/tools/virsh-network.c index badbcd0a92..a8f7f46905 100644 --- a/tools/virsh-network.c +++ b/tools/virsh-network.c @@ -1492,6 +1492,10 @@ static const vshCmdInfo info_network_port_create[] = { static const vshCmdOptDef opts_network_port_create[] = { VIRSH_COMMON_OPT_NETWORK_FULL(VIR_CONNECT_LIST_NETWORKS_ACTIVE), VIRSH_COMMON_OPT_FILE(N_("file containing an XML network port description")), + {.name = "validate", + .type = VSH_OT_BOOL, + .help = N_("validate the XML against the schema") + }, {.name = NULL} }; @@ -1503,6 +1507,7 @@ cmdNetworkPortCreate(vshControl *ctl, const vshCmd *cmd) bool ret = false; char *buffer = NULL; virNetworkPtr network = NULL; + unsigned int flags = 0; network = virshCommandOptNetwork(ctl, cmd, NULL); if (network == NULL) @@ -1511,12 +1516,15 @@ cmdNetworkPortCreate(vshControl *ctl, const vshCmd *cmd) if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0) goto cleanup; + if (vshCommandOptBool(cmd, "validate")) + flags |= VIR_NETWORK_PORT_CREATE_VALIDATE; + if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0) { vshSaveLibvirtError(); goto cleanup; } - port = virNetworkPortCreateXML(network, buffer, 0); + port = virNetworkPortCreateXML(network, buffer, flags); if (port != NULL) { char uuidstr[VIR_UUID_STRING_BUFLEN]; -- 2.31.1

On a Thursday in 2021, Kristina Hanicova wrote:
Kristina Hanicova (4): api: add VIR_NETWORK_PORT_CREATE_VALIDATE flag conf: virnetworkportdef: add validation against schema in network port create bridge_driver: allow VIR_NETWORK_PORT_CREATE_VALIDATE flag virsh: add support for '--validate' option in create network port
docs/manpages/virsh.rst | 4 +++- include/libvirt/libvirt-network.h | 1 + src/conf/domain_conf.c | 2 +- src/conf/virnetworkportdef.c | 14 +++++++++----- src/conf/virnetworkportdef.h | 3 ++- src/libvirt-network.c | 2 +- src/network/bridge_driver.c | 5 +++-- tools/virsh-network.c | 10 +++++++++- 8 files changed, 29 insertions(+), 12 deletions(-)
Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano