[PATCH v4 0/4] Implement virDomainGetMessages for test driver

v4: - Move testDomainObjCheckTaint to testParseDomains() - Add CPU tainted and deprecation check - Add a new xml with more tainted configs Luke Yue (4): conf: domain: Introduce and use virDomainObjGetMessages() test_driver: Implement virDomainGetMessages test_driver: Introduce testDomainObjCheckTaint examples: test: Add a new test xml with more tainted configs for testing examples/xml/test/testdomfc5.xml | 51 +++++++++++++++ examples/xml/test/testnode.xml | 1 + examples/xml/test/testnodeinline.xml | 51 +++++++++++++++ src/conf/domain_conf.c | 53 +++++++++++++++ src/conf/domain_conf.h | 5 ++ src/libvirt_private.syms | 1 + src/qemu/qemu_driver.c | 34 +--------- src/test/test_driver.c | 98 ++++++++++++++++++++++++++++ tests/virshtest.c | 52 +++++++++++++-- 9 files changed, 306 insertions(+), 40 deletions(-) create mode 100644 examples/xml/test/testdomfc5.xml -- 2.32.0

The test driver and qemu driver could share the same code in virDomainGetMessages(), so extract it to a function. Signed-off-by: Luke Yue <lukedyue@gmail.com> --- src/conf/domain_conf.c | 53 ++++++++++++++++++++++++++++++++++++++++ src/conf/domain_conf.h | 5 ++++ src/libvirt_private.syms | 1 + src/qemu/qemu_driver.c | 34 +------------------------- 4 files changed, 60 insertions(+), 33 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 2d8ae7e860..09aa81f476 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -31134,3 +31134,56 @@ virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev) hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI && hostdev->source.subsys.u.pci.backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO; } + + +/** + * virDomainObjGetMessages: + * @vm: domain object + * @msgs: pointer to a variable to store messages + * @flags: zero or more virDomainMessageType flags + * + * Returns number of messages stored in @msgs, -1 otherwise. + */ +int +virDomainObjGetMessages(virDomainObj *vm, + char ***msgs, + unsigned int flags) +{ + size_t i, n; + int nmsgs; + int rv = -1; + + *msgs = NULL; + nmsgs = 0; + n = 0; + + if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) { + nmsgs += __builtin_popcount(vm->taint); + *msgs = g_renew(char *, *msgs, nmsgs+1); + + for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) { + if (vm->taint & (1 << i)) { + (*msgs)[n++] = g_strdup_printf( + _("tainted: %s"), + _(virDomainTaintMessageTypeToString(i))); + } + } + } + + if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) { + nmsgs += vm->ndeprecations; + *msgs = g_renew(char *, *msgs, nmsgs+1); + + for (i = 0; i < vm->ndeprecations; i++) { + (*msgs)[n++] = g_strdup_printf( + _("deprecated configuration: %s"), + vm->deprecations[i]); + } + } + + (*msgs)[nmsgs] = NULL; + + rv = nmsgs; + + return rv; +} diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index c31531c93b..35cdfa3a9f 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -4142,3 +4142,8 @@ virHostdevIsMdevDevice(const virDomainHostdevDef *hostdev) bool virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev) ATTRIBUTE_NONNULL(1); + +int +virDomainObjGetMessages(virDomainObj *vm, + char ***msgs, + unsigned int flags); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index cc7533a707..b20bcb2c65 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -564,6 +564,7 @@ virDomainObjDeprecation; virDomainObjEndAPI; virDomainObjFormat; virDomainObjGetDefs; +virDomainObjGetMessages; virDomainObjGetMetadata; virDomainObjGetOneDef; virDomainObjGetOneDefState; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 235f575901..592e1236e7 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -20319,8 +20319,6 @@ qemuDomainGetMessages(virDomainPtr dom, { virDomainObj *vm = NULL; int rv = -1; - size_t i, n; - int nmsgs; virCheckFlags(VIR_DOMAIN_MESSAGE_DEPRECATION | VIR_DOMAIN_MESSAGE_TAINTING, -1); @@ -20331,37 +20329,7 @@ qemuDomainGetMessages(virDomainPtr dom, if (virDomainGetMessagesEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - *msgs = NULL; - nmsgs = 0; - n = 0; - - if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) { - nmsgs += __builtin_popcount(vm->taint); - *msgs = g_renew(char *, *msgs, nmsgs+1); - - for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) { - if (vm->taint & (1 << i)) { - (*msgs)[n++] = g_strdup_printf( - _("tainted: %s"), - _(virDomainTaintMessageTypeToString(i))); - } - } - } - - if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) { - nmsgs += vm->ndeprecations; - *msgs = g_renew(char *, *msgs, nmsgs+1); - - for (i = 0; i < vm->ndeprecations; i++) { - (*msgs)[n++] = g_strdup_printf( - _("deprecated configuration: %s"), - vm->deprecations[i]); - } - } - - (*msgs)[nmsgs] = NULL; - - rv = nmsgs; + rv = virDomainObjGetMessages(vm, msgs, flags); cleanup: virDomainObjEndAPI(&vm); -- 2.32.0

On Mon, 2021-07-12 at 19:32 +0800, Luke Yue wrote:
The test driver and qemu driver could share the same code in virDomainGetMessages(), so extract it to a function.
Signed-off-by: Luke Yue <lukedyue@gmail.com> --- src/conf/domain_conf.c | 53 ++++++++++++++++++++++++++++++++++++++++ src/conf/domain_conf.h | 5 ++++ src/libvirt_private.syms | 1 + src/qemu/qemu_driver.c | 34 +------------------------- 4 files changed, 60 insertions(+), 33 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 2d8ae7e860..09aa81f476 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -31134,3 +31134,56 @@ virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev) hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI && hostdev->source.subsys.u.pci.backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO; } + + +/** + * virDomainObjGetMessages: + * @vm: domain object + * @msgs: pointer to a variable to store messages + * @flags: zero or more virDomainMessageType flags + * + * Returns number of messages stored in @msgs, -1 otherwise. + */ +int +virDomainObjGetMessages(virDomainObj *vm, + char ***msgs, + unsigned int flags) +{ + size_t i, n; + int nmsgs; + int rv = -1; + + *msgs = NULL; + nmsgs = 0; + n = 0; + + if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) { + nmsgs += __builtin_popcount(vm->taint); + *msgs = g_renew(char *, *msgs, nmsgs+1); + + for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) { + if (vm->taint & (1 << i)) { + (*msgs)[n++] = g_strdup_printf( + _("tainted: %s"), + _(virDomainTaintMessageTypeToString(i))); + } + } + } + + if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) { + nmsgs += vm->ndeprecations; + *msgs = g_renew(char *, *msgs, nmsgs+1); + + for (i = 0; i < vm->ndeprecations; i++) { + (*msgs)[n++] = g_strdup_printf( + _("deprecated configuration: %s"), + vm->deprecations[i]); + } + } + + (*msgs)[nmsgs] = NULL; + + rv = nmsgs; + + return rv; +} diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index c31531c93b..35cdfa3a9f 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -4142,3 +4142,8 @@ virHostdevIsMdevDevice(const virDomainHostdevDef *hostdev) bool virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev) ATTRIBUTE_NONNULL(1); + +int +virDomainObjGetMessages(virDomainObj *vm, + char ***msgs, + unsigned int flags); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index cc7533a707..b20bcb2c65 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -564,6 +564,7 @@ virDomainObjDeprecation; virDomainObjEndAPI; virDomainObjFormat; virDomainObjGetDefs; +virDomainObjGetMessages; virDomainObjGetMetadata; virDomainObjGetOneDef; virDomainObjGetOneDefState; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 235f575901..592e1236e7 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -20319,8 +20319,6 @@ qemuDomainGetMessages(virDomainPtr dom, { virDomainObj *vm = NULL; int rv = -1; - size_t i, n; - int nmsgs; virCheckFlags(VIR_DOMAIN_MESSAGE_DEPRECATION | VIR_DOMAIN_MESSAGE_TAINTING, -1); @@ -20331,37 +20329,7 @@ qemuDomainGetMessages(virDomainPtr dom, if (virDomainGetMessagesEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - *msgs = NULL; - nmsgs = 0; - n = 0; - - if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) { - nmsgs += __builtin_popcount(vm->taint); - *msgs = g_renew(char *, *msgs, nmsgs+1); - - for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) { - if (vm->taint & (1 << i)) { - (*msgs)[n++] = g_strdup_printf( - _("tainted: %s"), - _(virDomainTaintMessageTypeToString(i))); - } - } - } - - if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) { - nmsgs += vm->ndeprecations; - *msgs = g_renew(char *, *msgs, nmsgs+1); - - for (i = 0; i < vm->ndeprecations; i++) { - (*msgs)[n++] = g_strdup_printf( - _("deprecated configuration: %s"), - vm->deprecations[i]); - } - } - - (*msgs)[nmsgs] = NULL; - - rv = nmsgs; + rv = virDomainObjGetMessages(vm, msgs, flags); cleanup: virDomainObjEndAPI(&vm);
I just find out that maybe I should extract the function to hypervisor/domain_driver.c? If the left parts of the patch set are fine then I will send v5 to extract the function to hypervisor/domain_driver. Thanks

On Tue, Jul 13, 2021 at 10:54:14AM +0800, Luke Yue wrote:
On Mon, 2021-07-12 at 19:32 +0800, Luke Yue wrote:
The test driver and qemu driver could share the same code in virDomainGetMessages(), so extract it to a function.
Signed-off-by: Luke Yue <lukedyue@gmail.com> --- src/conf/domain_conf.c | 53 ++++++++++++++++++++++++++++++++++++++++ src/conf/domain_conf.h | 5 ++++ src/libvirt_private.syms | 1 + src/qemu/qemu_driver.c | 34 +------------------------- 4 files changed, 60 insertions(+), 33 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 2d8ae7e860..09aa81f476 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -31134,3 +31134,56 @@ virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev) hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI && hostdev->source.subsys.u.pci.backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO; } + + +/** + * virDomainObjGetMessages: + * @vm: domain object + * @msgs: pointer to a variable to store messages + * @flags: zero or more virDomainMessageType flags + * + * Returns number of messages stored in @msgs, -1 otherwise. + */ +int +virDomainObjGetMessages(virDomainObj *vm, + char ***msgs, + unsigned int flags) +{ + size_t i, n; + int nmsgs; + int rv = -1; + + *msgs = NULL; + nmsgs = 0; + n = 0; +
No need to split these any more, I'll join them with the declarations before pushing.
+ if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) { + nmsgs += __builtin_popcount(vm->taint); + *msgs = g_renew(char *, *msgs, nmsgs+1); + + for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) { + if (vm->taint & (1 << i)) { + (*msgs)[n++] = g_strdup_printf( + _("tainted: %s"), + _(virDomainTaintMessageTypeToString(i))); + } + } + } + + if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) { + nmsgs += vm->ndeprecations; + *msgs = g_renew(char *, *msgs, nmsgs+1); + + for (i = 0; i < vm->ndeprecations; i++) { + (*msgs)[n++] = g_strdup_printf( + _("deprecated configuration: %s"), + vm->deprecations[i]); + } + } + + (*msgs)[nmsgs] = NULL; + + rv = nmsgs; + + return rv; +} diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index c31531c93b..35cdfa3a9f 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -4142,3 +4142,8 @@ virHostdevIsMdevDevice(const virDomainHostdevDef *hostdev) bool virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev) ATTRIBUTE_NONNULL(1); + +int +virDomainObjGetMessages(virDomainObj *vm, + char ***msgs, + unsigned int flags); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index cc7533a707..b20bcb2c65 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -564,6 +564,7 @@ virDomainObjDeprecation; virDomainObjEndAPI; virDomainObjFormat; virDomainObjGetDefs; +virDomainObjGetMessages; virDomainObjGetMetadata; virDomainObjGetOneDef; virDomainObjGetOneDefState; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 235f575901..592e1236e7 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -20319,8 +20319,6 @@ qemuDomainGetMessages(virDomainPtr dom, { virDomainObj *vm = NULL; int rv = -1; - size_t i, n; - int nmsgs; virCheckFlags(VIR_DOMAIN_MESSAGE_DEPRECATION | VIR_DOMAIN_MESSAGE_TAINTING, -1); @@ -20331,37 +20329,7 @@ qemuDomainGetMessages(virDomainPtr dom, if (virDomainGetMessagesEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - *msgs = NULL; - nmsgs = 0; - n = 0; - - if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) { - nmsgs += __builtin_popcount(vm->taint); - *msgs = g_renew(char *, *msgs, nmsgs+1); - - for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) { - if (vm->taint & (1 << i)) { - (*msgs)[n++] = g_strdup_printf( - _("tainted: %s"), - _(virDomainTaintMessageTypeToString(i))); - } - } - } - - if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) { - nmsgs += vm->ndeprecations; - *msgs = g_renew(char *, *msgs, nmsgs+1); - - for (i = 0; i < vm->ndeprecations; i++) { - (*msgs)[n++] = g_strdup_printf( - _("deprecated configuration: %s"), - vm->deprecations[i]); - } - } - - (*msgs)[nmsgs] = NULL; - - rv = nmsgs; + rv = virDomainObjGetMessages(vm, msgs, flags); cleanup: virDomainObjEndAPI(&vm);
I just find out that maybe I should extract the function to hypervisor/domain_driver.c? If the left parts of the patch set are fine then I will send v5 to extract the function to hypervisor/domain_driver.
I would rather go for domain_conf, we can always move it later if needed.
Thanks

Signed-off-by: Luke Yue <lukedyue@gmail.com> --- src/test/test_driver.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/src/test/test_driver.c b/src/test/test_driver.c index 65710b78ef..ef406a3d99 100644 --- a/src/test/test_driver.c +++ b/src/test/test_driver.c @@ -9331,6 +9331,26 @@ testDomainCheckpointDelete(virDomainCheckpointPtr checkpoint, return ret; } +static int +testDomainGetMessages(virDomainPtr dom, + char ***msgs, + unsigned int flags) +{ + virDomainObj *vm = NULL; + int rv = -1; + + virCheckFlags(VIR_DOMAIN_MESSAGE_DEPRECATION | + VIR_DOMAIN_MESSAGE_TAINTING, -1); + + if (!(vm = testDomObjFromDomain(dom))) + return -1; + + rv = virDomainObjGetMessages(vm, msgs, flags); + + virDomainObjEndAPI(&vm); + return rv; +} + /* * Test driver */ @@ -9489,6 +9509,7 @@ static virHypervisorDriver testHypervisorDriver = { .domainCheckpointLookupByName = testDomainCheckpointLookupByName, /* 5.6.0 */ .domainCheckpointGetParent = testDomainCheckpointGetParent, /* 5.6.0 */ .domainCheckpointDelete = testDomainCheckpointDelete, /* 5.6.0 */ + .domainGetMessages = testDomainGetMessages, /* 7.6.0 */ }; static virNetworkDriver testNetworkDriver = { -- 2.32.0

In order to test the virDomainGetMessages for test driver, we need to check some taints or deprecations, so introduce testDomainObjCheckTaint for checking taints. As we introduced testDomainObjCheckTaint for test driver, the `dominfo` command in virshtest will now print tainting messages, so add them for test. Signed-off-by: Luke Yue <lukedyue@gmail.com> --- src/test/test_driver.c | 77 ++++++++++++++++++++++++++++++++++++++++++ tests/virshtest.c | 2 ++ 2 files changed, 79 insertions(+) diff --git a/src/test/test_driver.c b/src/test/test_driver.c index ef406a3d99..ca9c2fa2fb 100644 --- a/src/test/test_driver.c +++ b/src/test/test_driver.c @@ -747,6 +747,81 @@ static char *testBuildFilename(const char *relativeTo, return g_strdup_printf("%s/%s", basename, filename); } +static void +testDomainObjCheckCPUTaint(virDomainObj *obj) +{ + switch (obj->def->cpu->mode) { + case VIR_CPU_MODE_CUSTOM: + if (obj->def->cpu->model) + if (STREQ(obj->def->cpu->model, "Deprecated-Test")) { + virDomainObjTaint(obj, VIR_DOMAIN_TAINT_DEPRECATED_CONFIG); + virDomainObjDeprecation(obj, "CPU model Deprecated-Test"); + } + + break; + default: + break; + } +} + +static void +testDomainObjCheckDiskTaint(virDomainObj *obj, + virDomainDiskDef *disk) +{ + if (disk->rawio == VIR_TRISTATE_BOOL_YES) + virDomainObjTaint(obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES); + + if (disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM && + virStorageSourceGetActualType(disk->src) == VIR_STORAGE_TYPE_BLOCK && + disk->src->path) + virDomainObjTaint(obj, VIR_DOMAIN_TAINT_CDROM_PASSTHROUGH); +} + +static void +testDomainObjCheckHostdevTaint(virDomainObj *obj, + virDomainHostdevDef *hostdev) +{ + if (!virHostdevIsSCSIDevice(hostdev)) + return; + + if (hostdev->source.subsys.u.scsi.rawio == VIR_TRISTATE_BOOL_YES) + virDomainObjTaint(obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES); +} + +static void +testDomainObjCheckNetTaint(virDomainObj *obj, + virDomainNetDef *net) +{ + /* script is only useful for NET_TYPE_ETHERNET (qemu) and + * NET_TYPE_BRIDGE (xen), but could be (incorrectly) specified for + * any interface type. In any case, it's adding user sauce into + * the soup, so it should taint the domain. + */ + if (net->script != NULL) + virDomainObjTaint(obj, VIR_DOMAIN_TAINT_SHELL_SCRIPTS); +} + +static void +testDomainObjCheckTaint(virDomainObj *obj) +{ + size_t i; + + for (i = 0; i < obj->def->ndisks; i++) + testDomainObjCheckDiskTaint(obj, obj->def->disks[i]); + + for (i = 0; i < obj->def->nhostdevs; i++) + testDomainObjCheckHostdevTaint(obj, obj->def->hostdevs[i]); + + for (i = 0; i < obj->def->nnets; i++) + testDomainObjCheckNetTaint(obj, obj->def->nets[i]); + + if (obj->def->cpu) + testDomainObjCheckCPUTaint(obj); + + if (obj->def->os.dtb) + virDomainObjTaint(obj, VIR_DOMAIN_TAINT_CUSTOM_DTB); +} + static xmlNodePtr testParseXMLDocFromFile(xmlNodePtr node, const char *file, const char *type) { @@ -969,6 +1044,8 @@ testParseDomains(testDriver *privconn, } virDomainObjSetState(obj, nsdata->runstate, 0); + testDomainObjCheckTaint(obj); + virDomainObjEndAPI(&obj); } diff --git a/tests/virshtest.c b/tests/virshtest.c index c1974c46cb..937448cefc 100644 --- a/tests/virshtest.c +++ b/tests/virshtest.c @@ -22,6 +22,7 @@ main(void) # define DOM_UUID "ef861801-45b9-11cb-88e3-afbfe5370493" # define SECURITY_LABEL "libvirt-test (enforcing)" +# define MESSAGES "tainted: network configuration using opaque shell scripts" static const char *dominfo_fc4 = "\ Id: 2\n\ @@ -38,6 +39,7 @@ Managed save: no\n\ Security model: testSecurity\n\ Security DOI: \n\ Security label: " SECURITY_LABEL "\n\ +Messages: " MESSAGES "\n\ \n"; static const char *domuuid_fc4 = DOM_UUID "\n\n"; static const char *domid_fc4 = "2\n\n"; -- 2.32.0

Signed-off-by: Luke Yue <lukedyue@gmail.com> --- examples/xml/test/testdomfc5.xml | 51 ++++++++++++++++++++++++++ examples/xml/test/testnode.xml | 1 + examples/xml/test/testnodeinline.xml | 51 ++++++++++++++++++++++++++ tests/virshtest.c | 54 +++++++++++++++++++++++----- 4 files changed, 148 insertions(+), 9 deletions(-) create mode 100644 examples/xml/test/testdomfc5.xml diff --git a/examples/xml/test/testdomfc5.xml b/examples/xml/test/testdomfc5.xml new file mode 100644 index 0000000000..a8afc211f6 --- /dev/null +++ b/examples/xml/test/testdomfc5.xml @@ -0,0 +1,51 @@ +<domain type='test'> + <name>fc5</name> + <uuid>08721f993d1d4aec96eb97803297bb36</uuid> + <cpu mode='custom'> + <model>Deprecated-Test</model> + <vendor>Libvirt</vendor> + <topology sockets='1' dies='1' cores='4' threads='1'/> + </cpu> + <os> + <type>hvm</type> + <loader>/usr/lib/xen/boot/hvmloader</loader> + <dtb>/root/ppc.dtb</dtb> + <boot dev='hd'/> + </os> + <memory>2097152</memory> + <vcpu>4</vcpu> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>restart</on_crash> + <features> + <pae/> + <acpi/> + <apic/> + </features> + <devices> + <emulator>/usr/lib/xen/bin/qemu-dm</emulator> + <interface type='bridge'> + <source bridge='xenbr0'/> + <mac address='00:16:3e:5d:c7:26'/> + <script path='vif-bridge'/> + </interface> + <disk type='file'> + <source file='/root/fv0'/> + <target dev='hda'/> + </disk> + <disk type='block' device='cdrom'> + <source dev='/dev/sr0'/> + <target dev='hdb' bus='ide'/> + <readonly/> + </disk> + <disk type='file' device='floppy'> + <source file='/root/fd.img'/> + <target dev='fda'/> + </disk> + <disk type='block' device='lun' rawio='yes'> + <source dev='/dev/disk/by-path/ip-127.0.0.1:3260-iscsi-test.target-lun-0'/> + <target dev='sda' bus='scsi'/> + </disk> + <graphics type='vnc' port='5904'/> + </devices> +</domain> diff --git a/examples/xml/test/testnode.xml b/examples/xml/test/testnode.xml index 001e353b1d..64d1590a30 100644 --- a/examples/xml/test/testnode.xml +++ b/examples/xml/test/testnode.xml @@ -9,6 +9,7 @@ --> <domain file="testdomfv0.xml"/> <domain file="testdomfc4.xml"/> + <domain file="testdomfc5.xml"/> <network file="testnetpriv.xml"/> <network file="testnetdef.xml"/> <pool file="testpool.xml"> diff --git a/examples/xml/test/testnodeinline.xml b/examples/xml/test/testnodeinline.xml index 0ec0f1ace6..60970145a0 100644 --- a/examples/xml/test/testnodeinline.xml +++ b/examples/xml/test/testnodeinline.xml @@ -75,6 +75,57 @@ <console tty="/dev/pts/5"/> </devices> </domain> + <domain type='test'> + <name>fc5</name> + <uuid>08721f993d1d4aec96eb97803297bb36</uuid> + <cpu mode='custom'> + <model>Deprecated-Test</model> + <vendor>Libvirt</vendor> + <topology sockets='1' dies='1' cores='4' threads='1'/> + </cpu> + <os> + <type>hvm</type> + <loader>/usr/lib/xen/boot/hvmloader</loader> + <dtb>/root/ppc.dtb</dtb> + <boot dev='hd'/> + </os> + <memory>2097152</memory> + <vcpu>4</vcpu> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>restart</on_crash> + <features> + <pae/> + <acpi/> + <apic/> + </features> + <devices> + <emulator>/usr/lib/xen/bin/qemu-dm</emulator> + <interface type='bridge'> + <source bridge='xenbr0'/> + <mac address='00:16:3e:5d:c7:26'/> + <script path='vif-bridge'/> + </interface> + <disk type='file'> + <source file='/root/fv0'/> + <target dev='hda'/> + </disk> + <disk type='block' device='cdrom'> + <source dev='/dev/sr0'/> + <target dev='hdb' bus='ide'/> + <readonly/> + </disk> + <disk type='file' device='floppy'> + <source file='/root/fd.img'/> + <target dev='fda'/> + </disk> + <disk type='block' device='lun' rawio='yes'> + <source dev='/dev/disk/by-path/ip-127.0.0.1:3260-iscsi-test.target-lun-0'/> + <target dev='sda' bus='scsi'/> + </disk> + <graphics type='vnc' port='5904'/> + </devices> + </domain> <network> <name>private</name> <uuid>004b22212d78c30f5aa5f03c87d21e69</uuid> diff --git a/tests/virshtest.c b/tests/virshtest.c index 937448cefc..ef2b879e8d 100644 --- a/tests/virshtest.c +++ b/tests/virshtest.c @@ -20,14 +20,21 @@ main(void) #else -# define DOM_UUID "ef861801-45b9-11cb-88e3-afbfe5370493" +# define DOM_FC4_UUID "ef861801-45b9-11cb-88e3-afbfe5370493" +# define DOM_FC5_UUID "08721f99-3d1d-4aec-96eb-97803297bb36" # define SECURITY_LABEL "libvirt-test (enforcing)" -# define MESSAGES "tainted: network configuration using opaque shell scripts" +# define FC4_MESSAGES "tainted: network configuration using opaque shell scripts" +# define FC5_MESSAGES "tainted: running with undesirable elevated privileges\n\ + tainted: network configuration using opaque shell scripts\n\ + tainted: use of host cdrom passthrough\n\ + tainted: custom device tree blob used\n\ + tainted: use of deprecated configuration settings\n\ + deprecated configuration: CPU model Deprecated-Test" static const char *dominfo_fc4 = "\ Id: 2\n\ Name: fc4\n\ -UUID: " DOM_UUID "\n\ +UUID: " DOM_FC4_UUID "\n\ OS Type: linux\n\ State: running\n\ CPU(s): 1\n\ @@ -39,12 +46,29 @@ Managed save: no\n\ Security model: testSecurity\n\ Security DOI: \n\ Security label: " SECURITY_LABEL "\n\ -Messages: " MESSAGES "\n\ +Messages: " FC4_MESSAGES "\n\ \n"; -static const char *domuuid_fc4 = DOM_UUID "\n\n"; +static const char *domuuid_fc4 = DOM_FC4_UUID "\n\n"; static const char *domid_fc4 = "2\n\n"; static const char *domname_fc4 = "fc4\n\n"; static const char *domstate_fc4 = "running\n\n"; +static const char *dominfo_fc5 = "\ +Id: 3\n\ +Name: fc5\n\ +UUID: " DOM_FC5_UUID "\n\ +OS Type: linux\n\ +State: running\n\ +CPU(s): 4\n\ +Max memory: 2097152 KiB\n\ +Used memory: 2097152 KiB\n\ +Persistent: yes\n\ +Autostart: disable\n\ +Managed save: no\n\ +Security model: testSecurity\n\ +Security DOI: \n\ +Security label: " SECURITY_LABEL "\n\ +Messages: " FC5_MESSAGES "\n\ +\n"; static int testFilterLine(char *buffer, const char *toRemove) @@ -128,6 +152,7 @@ static int testCompareListCustom(const void *data G_GNUC_UNUSED) ----------------------\n\ 1 fv0 running\n\ 2 fc4 running\n\ + 3 fc5 running\n\ \n"; return testCompareOutputLit(exp, NULL, argv); } @@ -177,7 +202,7 @@ static int testCompareDominfoByID(const void *data G_GNUC_UNUSED) static int testCompareDominfoByUUID(const void *data G_GNUC_UNUSED) { - const char *const argv[] = { VIRSH_CUSTOM, "dominfo", DOM_UUID, NULL }; + const char *const argv[] = { VIRSH_CUSTOM, "dominfo", DOM_FC4_UUID, NULL }; const char *exp = dominfo_fc4; return testCompareOutputLit(exp, "\nCPU time:", argv); } @@ -189,6 +214,13 @@ static int testCompareDominfoByName(const void *data G_GNUC_UNUSED) return testCompareOutputLit(exp, "\nCPU time:", argv); } +static int testCompareTaintedDominfoByName(const void *data G_GNUC_UNUSED) +{ + const char *const argv[] = { VIRSH_CUSTOM, "dominfo", "fc5", NULL }; + const char *exp = dominfo_fc5; + return testCompareOutputLit(exp, "\nCPU time:", argv); +} + static int testCompareDomuuidByID(const void *data G_GNUC_UNUSED) { const char *const argv[] = { VIRSH_CUSTOM, "domuuid", "2", NULL }; @@ -212,7 +244,7 @@ static int testCompareDomidByName(const void *data G_GNUC_UNUSED) static int testCompareDomidByUUID(const void *data G_GNUC_UNUSED) { - const char *const argv[] = { VIRSH_CUSTOM, "domid", DOM_UUID, NULL }; + const char *const argv[] = { VIRSH_CUSTOM, "domid", DOM_FC4_UUID, NULL }; const char *exp = domid_fc4; return testCompareOutputLit(exp, NULL, argv); } @@ -226,7 +258,7 @@ static int testCompareDomnameByID(const void *data G_GNUC_UNUSED) static int testCompareDomnameByUUID(const void *data G_GNUC_UNUSED) { - const char *const argv[] = { VIRSH_CUSTOM, "domname", DOM_UUID, NULL }; + const char *const argv[] = { VIRSH_CUSTOM, "domname", DOM_FC4_UUID, NULL }; const char *exp = domname_fc4; return testCompareOutputLit(exp, NULL, argv); } @@ -240,7 +272,7 @@ static int testCompareDomstateByID(const void *data G_GNUC_UNUSED) static int testCompareDomstateByUUID(const void *data G_GNUC_UNUSED) { - const char *const argv[] = { VIRSH_CUSTOM, "domstate", DOM_UUID, NULL }; + const char *const argv[] = { VIRSH_CUSTOM, "domstate", DOM_FC4_UUID, NULL }; const char *exp = domstate_fc4; return testCompareOutputLit(exp, NULL, argv); } @@ -300,6 +332,10 @@ mymain(void) testCompareDominfoByName, NULL) != 0) ret = -1; + if (virTestRun("virsh dominfo (by name, more tainted messages)", + testCompareTaintedDominfoByName, NULL) != 0) + ret = -1; + if (virTestRun("virsh domid (by name)", testCompareDomidByName, NULL) != 0) ret = -1; -- 2.32.0

On Mon, Jul 12, 2021 at 07:32:13PM +0800, Luke Yue wrote:
v4: - Move testDomainObjCheckTaint to testParseDomains() - Add CPU tainted and deprecation check - Add a new xml with more tainted configs
With the modification suggested in 1/4:0 Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Luke Yue (4): conf: domain: Introduce and use virDomainObjGetMessages() test_driver: Implement virDomainGetMessages test_driver: Introduce testDomainObjCheckTaint examples: test: Add a new test xml with more tainted configs for testing
examples/xml/test/testdomfc5.xml | 51 +++++++++++++++ examples/xml/test/testnode.xml | 1 + examples/xml/test/testnodeinline.xml | 51 +++++++++++++++ src/conf/domain_conf.c | 53 +++++++++++++++ src/conf/domain_conf.h | 5 ++ src/libvirt_private.syms | 1 + src/qemu/qemu_driver.c | 34 +--------- src/test/test_driver.c | 98 ++++++++++++++++++++++++++++ tests/virshtest.c | 52 +++++++++++++-- 9 files changed, 306 insertions(+), 40 deletions(-) create mode 100644 examples/xml/test/testdomfc5.xml
-- 2.32.0
participants (2)
-
Luke Yue
-
Martin Kletzander