6:32 a.m.
v4:
- Move testDomainObjCheckTaint to testParseDomains()
- Add CPU tainted and deprecation check
- Add a new xml with more tainted configs
Luke Yue (4):
conf: domain: Introduce and use virDomainObjGetMessages()
test_driver: Implement virDomainGetMessages
test_driver: Introduce testDomainObjCheckTaint
examples: test: Add a new test xml with more tainted configs for
testing
examples/xml/test/testdomfc5.xml | 51 +++++++++++++++
examples/xml/test/testnode.xml | 1 +
examples/xml/test/testnodeinline.xml | 51 +++++++++++++++
src/conf/domain_conf.c | 53 +++++++++++++++
src/conf/domain_conf.h | 5 ++
src/libvirt_private.syms | 1 +
src/qemu/qemu_driver.c | 34 +---------
src/test/test_driver.c | 98 ++++++++++++++++++++++++++++
tests/virshtest.c | 52 +++++++++++++--
9 files changed, 306 insertions(+), 40 deletions(-)
create mode 100644 examples/xml/test/testdomfc5.xml
--
2.32.0
6:32 a.m.
New subject: [PATCH v4 1/4] conf: domain: Introduce and use virDomainObjGetMessages()
The test driver and qemu driver could share the same code in
virDomainGetMessages(), so extract it to a function.
Signed-off-by: Luke Yue <lukedyue(a)gmail.com>
---
src/conf/domain_conf.c | 53 ++++++++++++++++++++++++++++++++++++++++
src/conf/domain_conf.h | 5 ++++
src/libvirt_private.syms | 1 +
src/qemu/qemu_driver.c | 34 +-------------------------
4 files changed, 60 insertions(+), 33 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 2d8ae7e860..09aa81f476 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -31134,3 +31134,56 @@ virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev)
hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI &&
hostdev->source.subsys.u.pci.backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO;
}
+
+
+/**
+ * virDomainObjGetMessages:
+ * @vm: domain object
+ * @msgs: pointer to a variable to store messages
+ * @flags: zero or more virDomainMessageType flags
+ *
+ * Returns number of messages stored in @msgs, -1 otherwise.
+ */
+int
+virDomainObjGetMessages(virDomainObj *vm,
+ char ***msgs,
+ unsigned int flags)
+{
+ size_t i, n;
+ int nmsgs;
+ int rv = -1;
+
+ *msgs = NULL;
+ nmsgs = 0;
+ n = 0;
+
+ if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) {
+ nmsgs += __builtin_popcount(vm->taint);
+ *msgs = g_renew(char *, *msgs, nmsgs+1);
+
+ for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) {
+ if (vm->taint & (1 << i)) {
+ (*msgs)[n++] = g_strdup_printf(
+ _("tainted: %s"),
+ _(virDomainTaintMessageTypeToString(i)));
+ }
+ }
+ }
+
+ if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) {
+ nmsgs += vm->ndeprecations;
+ *msgs = g_renew(char *, *msgs, nmsgs+1);
+
+ for (i = 0; i < vm->ndeprecations; i++) {
+ (*msgs)[n++] = g_strdup_printf(
+ _("deprecated configuration: %s"),
+ vm->deprecations[i]);
+ }
+ }
+
+ (*msgs)[nmsgs] = NULL;
+
+ rv = nmsgs;
+
+ return rv;
+}
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index c31531c93b..35cdfa3a9f 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -4142,3 +4142,8 @@ virHostdevIsMdevDevice(const virDomainHostdevDef *hostdev)
bool
virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev)
ATTRIBUTE_NONNULL(1);
+
+int
+virDomainObjGetMessages(virDomainObj *vm,
+ char ***msgs,
+ unsigned int flags);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index cc7533a707..b20bcb2c65 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -564,6 +564,7 @@ virDomainObjDeprecation;
virDomainObjEndAPI;
virDomainObjFormat;
virDomainObjGetDefs;
+virDomainObjGetMessages;
virDomainObjGetMetadata;
virDomainObjGetOneDef;
virDomainObjGetOneDefState;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 235f575901..592e1236e7 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -20319,8 +20319,6 @@ qemuDomainGetMessages(virDomainPtr dom,
{
virDomainObj *vm = NULL;
int rv = -1;
- size_t i, n;
- int nmsgs;
virCheckFlags(VIR_DOMAIN_MESSAGE_DEPRECATION |
VIR_DOMAIN_MESSAGE_TAINTING, -1);
@@ -20331,37 +20329,7 @@ qemuDomainGetMessages(virDomainPtr dom,
if (virDomainGetMessagesEnsureACL(dom->conn, vm->def) < 0)
goto cleanup;
- *msgs = NULL;
- nmsgs = 0;
- n = 0;
-
- if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) {
- nmsgs += __builtin_popcount(vm->taint);
- *msgs = g_renew(char *, *msgs, nmsgs+1);
-
- for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) {
- if (vm->taint & (1 << i)) {
- (*msgs)[n++] = g_strdup_printf(
- _("tainted: %s"),
- _(virDomainTaintMessageTypeToString(i)));
- }
- }
- }
-
- if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) {
- nmsgs += vm->ndeprecations;
- *msgs = g_renew(char *, *msgs, nmsgs+1);
-
- for (i = 0; i < vm->ndeprecations; i++) {
- (*msgs)[n++] = g_strdup_printf(
- _("deprecated configuration: %s"),
- vm->deprecations[i]);
- }
- }
-
- (*msgs)[nmsgs] = NULL;
-
- rv = nmsgs;
+ rv = virDomainObjGetMessages(vm, msgs, flags);
cleanup:
virDomainObjEndAPI(&vm);
--
2.32.0
9:54 p.m.
New subject: [PATCH v4 1/4] conf: domain: Introduce and use virDomainObjGetMessages()
On Mon, 2021-07-12 at 19:32 +0800, Luke Yue wrote:
The test driver and qemu driver could share the same code in
virDomainGetMessages(), so extract it to a function.
Signed-off-by: Luke Yue <lukedyue(a)gmail.com>
---
src/conf/domain_conf.c | 53
++++++++++++++++++++++++++++++++++++++++
src/conf/domain_conf.h | 5 ++++
src/libvirt_private.syms | 1 +
src/qemu/qemu_driver.c | 34 +-------------------------
4 files changed, 60 insertions(+), 33 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 2d8ae7e860..09aa81f476 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -31134,3 +31134,56 @@ virHostdevIsVFIODevice(const
virDomainHostdevDef *hostdev)
hostdev->source.subsys.type ==
VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI &&
hostdev->source.subsys.u.pci.backend ==
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO;
}
+
+
+/**
+ * virDomainObjGetMessages:
+ * @vm: domain object
+ * @msgs: pointer to a variable to store messages
+ * @flags: zero or more virDomainMessageType flags
+ *
+ * Returns number of messages stored in @msgs, -1 otherwise.
+ */
+int
+virDomainObjGetMessages(virDomainObj *vm,
+ char ***msgs,
+ unsigned int flags)
+{
+ size_t i, n;
+ int nmsgs;
+ int rv = -1;
+
+ *msgs = NULL;
+ nmsgs = 0;
+ n = 0;
+
+ if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) {
+ nmsgs += __builtin_popcount(vm->taint);
+ *msgs = g_renew(char *, *msgs, nmsgs+1);
+
+ for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) {
+ if (vm->taint & (1 << i)) {
+ (*msgs)[n++] = g_strdup_printf(
+ _("tainted: %s"),
+ _(virDomainTaintMessageTypeToString(i)));
+ }
+ }
+ }
+
+ if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) {
+ nmsgs += vm->ndeprecations;
+ *msgs = g_renew(char *, *msgs, nmsgs+1);
+
+ for (i = 0; i < vm->ndeprecations; i++) {
+ (*msgs)[n++] = g_strdup_printf(
+ _("deprecated configuration: %s"),
+ vm->deprecations[i]);
+ }
+ }
+
+ (*msgs)[nmsgs] = NULL;
+
+ rv = nmsgs;
+
+ return rv;
+}
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index c31531c93b..35cdfa3a9f 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -4142,3 +4142,8 @@ virHostdevIsMdevDevice(const
virDomainHostdevDef *hostdev)
bool
virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev)
ATTRIBUTE_NONNULL(1);
+
+int
+virDomainObjGetMessages(virDomainObj *vm,
+ char ***msgs,
+ unsigned int flags);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index cc7533a707..b20bcb2c65 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -564,6 +564,7 @@ virDomainObjDeprecation;
virDomainObjEndAPI;
virDomainObjFormat;
virDomainObjGetDefs;
+virDomainObjGetMessages;
virDomainObjGetMetadata;
virDomainObjGetOneDef;
virDomainObjGetOneDefState;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 235f575901..592e1236e7 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -20319,8 +20319,6 @@ qemuDomainGetMessages(virDomainPtr dom,
{
virDomainObj *vm = NULL;
int rv = -1;
- size_t i, n;
- int nmsgs;
virCheckFlags(VIR_DOMAIN_MESSAGE_DEPRECATION |
VIR_DOMAIN_MESSAGE_TAINTING, -1);
@@ -20331,37 +20329,7 @@ qemuDomainGetMessages(virDomainPtr dom,
if (virDomainGetMessagesEnsureACL(dom->conn, vm->def) < 0)
goto cleanup;
- *msgs = NULL;
- nmsgs = 0;
- n = 0;
-
- if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) {
- nmsgs += __builtin_popcount(vm->taint);
- *msgs = g_renew(char *, *msgs, nmsgs+1);
-
- for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) {
- if (vm->taint & (1 << i)) {
- (*msgs)[n++] = g_strdup_printf(
- _("tainted: %s"),
- _(virDomainTaintMessageTypeToString(i)));
- }
- }
- }
-
- if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) {
- nmsgs += vm->ndeprecations;
- *msgs = g_renew(char *, *msgs, nmsgs+1);
-
- for (i = 0; i < vm->ndeprecations; i++) {
- (*msgs)[n++] = g_strdup_printf(
- _("deprecated configuration: %s"),
- vm->deprecations[i]);
- }
- }
-
- (*msgs)[nmsgs] = NULL;
-
- rv = nmsgs;
+ rv = virDomainObjGetMessages(vm, msgs, flags);
cleanup:
virDomainObjEndAPI(&vm);
I just find out that maybe I should extract the function to
hypervisor/domain_driver.c? If the left parts of the patch set are fine
then I will send v5 to extract the function to
hypervisor/domain_driver.
Thanks
6:50 a.m.
New subject: [PATCH v4 1/4] conf: domain: Introduce and use virDomainObjGetMessages()
On Tue, Jul 13, 2021 at 10:54:14AM +0800, Luke Yue wrote:
On Mon, 2021-07-12 at 19:32 +0800, Luke Yue wrote:
> The test driver and qemu driver could share the same code in
> virDomainGetMessages(), so extract it to a function.
>
> Signed-off-by: Luke Yue <lukedyue(a)gmail.com>
> ---
> src/conf/domain_conf.c | 53
> ++++++++++++++++++++++++++++++++++++++++
> src/conf/domain_conf.h | 5 ++++
> src/libvirt_private.syms | 1 +
> src/qemu/qemu_driver.c | 34 +-------------------------
> 4 files changed, 60 insertions(+), 33 deletions(-)
>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 2d8ae7e860..09aa81f476 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -31134,3 +31134,56 @@ virHostdevIsVFIODevice(const
> virDomainHostdevDef *hostdev)
> hostdev->source.subsys.type ==
> VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI &&
> hostdev->source.subsys.u.pci.backend ==
> VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO;
> }
> +
> +
> +/**
> + * virDomainObjGetMessages:
> + * @vm: domain object
> + * @msgs: pointer to a variable to store messages
> + * @flags: zero or more virDomainMessageType flags
> + *
> + * Returns number of messages stored in @msgs, -1 otherwise.
> + */
> +int
> +virDomainObjGetMessages(virDomainObj *vm,
> + char ***msgs,
> + unsigned int flags)
> +{
> + size_t i, n;
> + int nmsgs;
> + int rv = -1;
> +
> + *msgs = NULL;
> + nmsgs = 0;
> + n = 0;
> +
No need to split these any more, I'll join them with the declarations
before pushing.
> + if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) {
> + nmsgs += __builtin_popcount(vm->taint);
> + *msgs = g_renew(char *, *msgs, nmsgs+1);
> +
> + for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) {
> + if (vm->taint & (1 << i)) {
> + (*msgs)[n++] = g_strdup_printf(
> + _("tainted: %s"),
> + _(virDomainTaintMessageTypeToString(i)));
> + }
> + }
> + }
> +
> + if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) {
> + nmsgs += vm->ndeprecations;
> + *msgs = g_renew(char *, *msgs, nmsgs+1);
> +
> + for (i = 0; i < vm->ndeprecations; i++) {
> + (*msgs)[n++] = g_strdup_printf(
> + _("deprecated configuration: %s"),
> + vm->deprecations[i]);
> + }
> + }
> +
> + (*msgs)[nmsgs] = NULL;
> +
> + rv = nmsgs;
> +
> + return rv;
> +}
> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index c31531c93b..35cdfa3a9f 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -4142,3 +4142,8 @@ virHostdevIsMdevDevice(const
> virDomainHostdevDef *hostdev)
> bool
> virHostdevIsVFIODevice(const virDomainHostdevDef *hostdev)
> ATTRIBUTE_NONNULL(1);
> +
> +int
> +virDomainObjGetMessages(virDomainObj *vm,
> + char ***msgs,
> + unsigned int flags);
> diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
> index cc7533a707..b20bcb2c65 100644
> --- a/src/libvirt_private.syms
> +++ b/src/libvirt_private.syms
> @@ -564,6 +564,7 @@ virDomainObjDeprecation;
> virDomainObjEndAPI;
> virDomainObjFormat;
> virDomainObjGetDefs;
> +virDomainObjGetMessages;
> virDomainObjGetMetadata;
> virDomainObjGetOneDef;
> virDomainObjGetOneDefState;
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 235f575901..592e1236e7 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -20319,8 +20319,6 @@ qemuDomainGetMessages(virDomainPtr dom,
> {
> virDomainObj *vm = NULL;
> int rv = -1;
> - size_t i, n;
> - int nmsgs;
>
> virCheckFlags(VIR_DOMAIN_MESSAGE_DEPRECATION |
> VIR_DOMAIN_MESSAGE_TAINTING, -1);
> @@ -20331,37 +20329,7 @@ qemuDomainGetMessages(virDomainPtr dom,
> if (virDomainGetMessagesEnsureACL(dom->conn, vm->def) < 0)
> goto cleanup;
>
> - *msgs = NULL;
> - nmsgs = 0;
> - n = 0;
> -
> - if (!flags || (flags & VIR_DOMAIN_MESSAGE_TAINTING)) {
> - nmsgs += __builtin_popcount(vm->taint);
> - *msgs = g_renew(char *, *msgs, nmsgs+1);
> -
> - for (i = 0; i < VIR_DOMAIN_TAINT_LAST; i++) {
> - if (vm->taint & (1 << i)) {
> - (*msgs)[n++] = g_strdup_printf(
> - _("tainted: %s"),
> - _(virDomainTaintMessageTypeToString(i)));
> - }
> - }
> - }
> -
> - if (!flags || (flags & VIR_DOMAIN_MESSAGE_DEPRECATION)) {
> - nmsgs += vm->ndeprecations;
> - *msgs = g_renew(char *, *msgs, nmsgs+1);
> -
> - for (i = 0; i < vm->ndeprecations; i++) {
> - (*msgs)[n++] = g_strdup_printf(
> - _("deprecated configuration: %s"),
> - vm->deprecations[i]);
> - }
> - }
> -
> - (*msgs)[nmsgs] = NULL;
> -
> - rv = nmsgs;
> + rv = virDomainObjGetMessages(vm, msgs, flags);
>
> cleanup:
> virDomainObjEndAPI(&vm);
I just find out that maybe I should extract the function to
hypervisor/domain_driver.c? If the left parts of the patch set are fine
then I will send v5 to extract the function to
hypervisor/domain_driver.
I would rather go for domain_conf, we can always move it later if
needed.
Thanks
6:32 a.m.
New subject: [PATCH v4 2/4] test_driver: Implement virDomainGetMessages
Signed-off-by: Luke Yue <lukedyue(a)gmail.com>
---
src/test/test_driver.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/src/test/test_driver.c b/src/test/test_driver.c
index 65710b78ef..ef406a3d99 100644
--- a/src/test/test_driver.c
+++ b/src/test/test_driver.c
@@ -9331,6 +9331,26 @@ testDomainCheckpointDelete(virDomainCheckpointPtr checkpoint,
return ret;
}
+static int
+testDomainGetMessages(virDomainPtr dom,
+ char ***msgs,
+ unsigned int flags)
+{
+ virDomainObj *vm = NULL;
+ int rv = -1;
+
+ virCheckFlags(VIR_DOMAIN_MESSAGE_DEPRECATION |
+ VIR_DOMAIN_MESSAGE_TAINTING, -1);
+
+ if (!(vm = testDomObjFromDomain(dom)))
+ return -1;
+
+ rv = virDomainObjGetMessages(vm, msgs, flags);
+
+ virDomainObjEndAPI(&vm);
+ return rv;
+}
+
/*
* Test driver
*/
@@ -9489,6 +9509,7 @@ static virHypervisorDriver testHypervisorDriver = {
.domainCheckpointLookupByName = testDomainCheckpointLookupByName, /* 5.6.0 */
.domainCheckpointGetParent = testDomainCheckpointGetParent, /* 5.6.0 */
.domainCheckpointDelete = testDomainCheckpointDelete, /* 5.6.0 */
+ .domainGetMessages = testDomainGetMessages, /* 7.6.0 */
};
static virNetworkDriver testNetworkDriver = {
--
2.32.0
6:32 a.m.
New subject: [PATCH v4 3/4] test_driver: Introduce testDomainObjCheckTaint
In order to test the virDomainGetMessages for test driver, we need to
check some taints or deprecations, so introduce testDomainObjCheckTaint
for checking taints.
As we introduced testDomainObjCheckTaint for test driver, the `dominfo`
command in virshtest will now print tainting messages, so add them for
test.
Signed-off-by: Luke Yue <lukedyue(a)gmail.com>
---
src/test/test_driver.c | 77 ++++++++++++++++++++++++++++++++++++++++++
tests/virshtest.c | 2 ++
2 files changed, 79 insertions(+)
diff --git a/src/test/test_driver.c b/src/test/test_driver.c
index ef406a3d99..ca9c2fa2fb 100644
--- a/src/test/test_driver.c
+++ b/src/test/test_driver.c
@@ -747,6 +747,81 @@ static char *testBuildFilename(const char *relativeTo,
return g_strdup_printf("%s/%s", basename, filename);
}
+static void
+testDomainObjCheckCPUTaint(virDomainObj *obj)
+{
+ switch (obj->def->cpu->mode) {
+ case VIR_CPU_MODE_CUSTOM:
+ if (obj->def->cpu->model)
+ if (STREQ(obj->def->cpu->model, "Deprecated-Test")) {
+ virDomainObjTaint(obj, VIR_DOMAIN_TAINT_DEPRECATED_CONFIG);
+ virDomainObjDeprecation(obj, "CPU model Deprecated-Test");
+ }
+
+ break;
+ default:
+ break;
+ }
+}
+
+static void
+testDomainObjCheckDiskTaint(virDomainObj *obj,
+ virDomainDiskDef *disk)
+{
+ if (disk->rawio == VIR_TRISTATE_BOOL_YES)
+ virDomainObjTaint(obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES);
+
+ if (disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM &&
+ virStorageSourceGetActualType(disk->src) == VIR_STORAGE_TYPE_BLOCK &&
+ disk->src->path)
+ virDomainObjTaint(obj, VIR_DOMAIN_TAINT_CDROM_PASSTHROUGH);
+}
+
+static void
+testDomainObjCheckHostdevTaint(virDomainObj *obj,
+ virDomainHostdevDef *hostdev)
+{
+ if (!virHostdevIsSCSIDevice(hostdev))
+ return;
+
+ if (hostdev->source.subsys.u.scsi.rawio == VIR_TRISTATE_BOOL_YES)
+ virDomainObjTaint(obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES);
+}
+
+static void
+testDomainObjCheckNetTaint(virDomainObj *obj,
+ virDomainNetDef *net)
+{
+ /* script is only useful for NET_TYPE_ETHERNET (qemu) and
+ * NET_TYPE_BRIDGE (xen), but could be (incorrectly) specified for
+ * any interface type. In any case, it's adding user sauce into
+ * the soup, so it should taint the domain.
+ */
+ if (net->script != NULL)
+ virDomainObjTaint(obj, VIR_DOMAIN_TAINT_SHELL_SCRIPTS);
+}
+
+static void
+testDomainObjCheckTaint(virDomainObj *obj)
+{
+ size_t i;
+
+ for (i = 0; i < obj->def->ndisks; i++)
+ testDomainObjCheckDiskTaint(obj, obj->def->disks[i]);
+
+ for (i = 0; i < obj->def->nhostdevs; i++)
+ testDomainObjCheckHostdevTaint(obj, obj->def->hostdevs[i]);
+
+ for (i = 0; i < obj->def->nnets; i++)
+ testDomainObjCheckNetTaint(obj, obj->def->nets[i]);
+
+ if (obj->def->cpu)
+ testDomainObjCheckCPUTaint(obj);
+
+ if (obj->def->os.dtb)
+ virDomainObjTaint(obj, VIR_DOMAIN_TAINT_CUSTOM_DTB);
+}
+
static xmlNodePtr
testParseXMLDocFromFile(xmlNodePtr node, const char *file, const char *type)
{
@@ -969,6 +1044,8 @@ testParseDomains(testDriver *privconn,
}
virDomainObjSetState(obj, nsdata->runstate, 0);
+ testDomainObjCheckTaint(obj);
+
virDomainObjEndAPI(&obj);
}
diff --git a/tests/virshtest.c b/tests/virshtest.c
index c1974c46cb..937448cefc 100644
--- a/tests/virshtest.c
+++ b/tests/virshtest.c
@@ -22,6 +22,7 @@ main(void)
# define DOM_UUID "ef861801-45b9-11cb-88e3-afbfe5370493"
# define SECURITY_LABEL "libvirt-test (enforcing)"
+# define MESSAGES "tainted: network configuration using opaque shell scripts"
static const char *dominfo_fc4 = "\
Id: 2\n\
@@ -38,6 +39,7 @@ Managed save: no\n\
Security model: testSecurity\n\
Security DOI: \n\
Security label: " SECURITY_LABEL "\n\
+Messages: " MESSAGES "\n\
\n";
static const char *domuuid_fc4 = DOM_UUID "\n\n";
static const char *domid_fc4 = "2\n\n";
--
2.32.0
6:32 a.m.
New subject: [PATCH v4 4/4] examples: test: Add a new test xml with more tainted configs for testing
Signed-off-by: Luke Yue <lukedyue(a)gmail.com>
---
examples/xml/test/testdomfc5.xml | 51 ++++++++++++++++++++++++++
examples/xml/test/testnode.xml | 1 +
examples/xml/test/testnodeinline.xml | 51 ++++++++++++++++++++++++++
tests/virshtest.c | 54 +++++++++++++++++++++++-----
4 files changed, 148 insertions(+), 9 deletions(-)
create mode 100644 examples/xml/test/testdomfc5.xml
diff --git a/examples/xml/test/testdomfc5.xml b/examples/xml/test/testdomfc5.xml
new file mode 100644
index 0000000000..a8afc211f6
--- /dev/null
+++ b/examples/xml/test/testdomfc5.xml
@@ -0,0 +1,51 @@
+<domain type='test'>
+ <name>fc5</name>
+ <uuid>08721f993d1d4aec96eb97803297bb36</uuid>
+ <cpu mode='custom'>
+ <model>Deprecated-Test</model>
+ <vendor>Libvirt</vendor>
+ <topology sockets='1' dies='1' cores='4'
threads='1'/>
+ </cpu>
+ <os>
+ <type>hvm</type>
+ <loader>/usr/lib/xen/boot/hvmloader</loader>
+ <dtb>/root/ppc.dtb</dtb>
+ <boot dev='hd'/>
+ </os>
+ <memory>2097152</memory>
+ <vcpu>4</vcpu>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>restart</on_crash>
+ <features>
+ <pae/>
+ <acpi/>
+ <apic/>
+ </features>
+ <devices>
+ <emulator>/usr/lib/xen/bin/qemu-dm</emulator>
+ <interface type='bridge'>
+ <source bridge='xenbr0'/>
+ <mac address='00:16:3e:5d:c7:26'/>
+ <script path='vif-bridge'/>
+ </interface>
+ <disk type='file'>
+ <source file='/root/fv0'/>
+ <target dev='hda'/>
+ </disk>
+ <disk type='block' device='cdrom'>
+ <source dev='/dev/sr0'/>
+ <target dev='hdb' bus='ide'/>
+ <readonly/>
+ </disk>
+ <disk type='file' device='floppy'>
+ <source file='/root/fd.img'/>
+ <target dev='fda'/>
+ </disk>
+ <disk type='block' device='lun' rawio='yes'>
+ <source
dev='/dev/disk/by-path/ip-127.0.0.1:3260-iscsi-test.target-lun-0'/>
+ <target dev='sda' bus='scsi'/>
+ </disk>
+ <graphics type='vnc' port='5904'/>
+ </devices>
+</domain>
diff --git a/examples/xml/test/testnode.xml b/examples/xml/test/testnode.xml
index 001e353b1d..64d1590a30 100644
--- a/examples/xml/test/testnode.xml
+++ b/examples/xml/test/testnode.xml
@@ -9,6 +9,7 @@
-->
<domain file="testdomfv0.xml"/>
<domain file="testdomfc4.xml"/>
+ <domain file="testdomfc5.xml"/>
<network file="testnetpriv.xml"/>
<network file="testnetdef.xml"/>
<pool file="testpool.xml">
diff --git a/examples/xml/test/testnodeinline.xml b/examples/xml/test/testnodeinline.xml
index 0ec0f1ace6..60970145a0 100644
--- a/examples/xml/test/testnodeinline.xml
+++ b/examples/xml/test/testnodeinline.xml
@@ -75,6 +75,57 @@
<console tty="/dev/pts/5"/>
</devices>
</domain>
+ <domain type='test'>
+ <name>fc5</name>
+ <uuid>08721f993d1d4aec96eb97803297bb36</uuid>
+ <cpu mode='custom'>
+ <model>Deprecated-Test</model>
+ <vendor>Libvirt</vendor>
+ <topology sockets='1' dies='1' cores='4'
threads='1'/>
+ </cpu>
+ <os>
+ <type>hvm</type>
+ <loader>/usr/lib/xen/boot/hvmloader</loader>
+ <dtb>/root/ppc.dtb</dtb>
+ <boot dev='hd'/>
+ </os>
+ <memory>2097152</memory>
+ <vcpu>4</vcpu>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>restart</on_crash>
+ <features>
+ <pae/>
+ <acpi/>
+ <apic/>
+ </features>
+ <devices>
+ <emulator>/usr/lib/xen/bin/qemu-dm</emulator>
+ <interface type='bridge'>
+ <source bridge='xenbr0'/>
+ <mac address='00:16:3e:5d:c7:26'/>
+ <script path='vif-bridge'/>
+ </interface>
+ <disk type='file'>
+ <source file='/root/fv0'/>
+ <target dev='hda'/>
+ </disk>
+ <disk type='block' device='cdrom'>
+ <source dev='/dev/sr0'/>
+ <target dev='hdb' bus='ide'/>
+ <readonly/>
+ </disk>
+ <disk type='file' device='floppy'>
+ <source file='/root/fd.img'/>
+ <target dev='fda'/>
+ </disk>
+ <disk type='block' device='lun' rawio='yes'>
+ <source
dev='/dev/disk/by-path/ip-127.0.0.1:3260-iscsi-test.target-lun-0'/>
+ <target dev='sda' bus='scsi'/>
+ </disk>
+ <graphics type='vnc' port='5904'/>
+ </devices>
+ </domain>
<network>
<name>private</name>
<uuid>004b22212d78c30f5aa5f03c87d21e69</uuid>
diff --git a/tests/virshtest.c b/tests/virshtest.c
index 937448cefc..ef2b879e8d 100644
--- a/tests/virshtest.c
+++ b/tests/virshtest.c
@@ -20,14 +20,21 @@ main(void)
#else
-# define DOM_UUID "ef861801-45b9-11cb-88e3-afbfe5370493"
+# define DOM_FC4_UUID "ef861801-45b9-11cb-88e3-afbfe5370493"
+# define DOM_FC5_UUID "08721f99-3d1d-4aec-96eb-97803297bb36"
# define SECURITY_LABEL "libvirt-test (enforcing)"
-# define MESSAGES "tainted: network configuration using opaque shell scripts"
+# define FC4_MESSAGES "tainted: network configuration using opaque shell
scripts"
+# define FC5_MESSAGES "tainted: running with undesirable elevated privileges\n\
+ tainted: network configuration using opaque shell scripts\n\
+ tainted: use of host cdrom passthrough\n\
+ tainted: custom device tree blob used\n\
+ tainted: use of deprecated configuration settings\n\
+ deprecated configuration: CPU model Deprecated-Test"
static const char *dominfo_fc4 = "\
Id: 2\n\
Name: fc4\n\
-UUID: " DOM_UUID "\n\
+UUID: " DOM_FC4_UUID "\n\
OS Type: linux\n\
State: running\n\
CPU(s): 1\n\
@@ -39,12 +46,29 @@ Managed save: no\n\
Security model: testSecurity\n\
Security DOI: \n\
Security label: " SECURITY_LABEL "\n\
-Messages: " MESSAGES "\n\
+Messages: " FC4_MESSAGES "\n\
\n";
-static const char *domuuid_fc4 = DOM_UUID "\n\n";
+static const char *domuuid_fc4 = DOM_FC4_UUID "\n\n";
static const char *domid_fc4 = "2\n\n";
static const char *domname_fc4 = "fc4\n\n";
static const char *domstate_fc4 = "running\n\n";
+static const char *dominfo_fc5 = "\
+Id: 3\n\
+Name: fc5\n\
+UUID: " DOM_FC5_UUID "\n\
+OS Type: linux\n\
+State: running\n\
+CPU(s): 4\n\
+Max memory: 2097152 KiB\n\
+Used memory: 2097152 KiB\n\
+Persistent: yes\n\
+Autostart: disable\n\
+Managed save: no\n\
+Security model: testSecurity\n\
+Security DOI: \n\
+Security label: " SECURITY_LABEL "\n\
+Messages: " FC5_MESSAGES "\n\
+\n";
static int testFilterLine(char *buffer,
const char *toRemove)
@@ -128,6 +152,7 @@ static int testCompareListCustom(const void *data G_GNUC_UNUSED)
----------------------\n\
1 fv0 running\n\
2 fc4 running\n\
+ 3 fc5 running\n\
\n";
return testCompareOutputLit(exp, NULL, argv);
}
@@ -177,7 +202,7 @@ static int testCompareDominfoByID(const void *data G_GNUC_UNUSED)
static int testCompareDominfoByUUID(const void *data G_GNUC_UNUSED)
{
- const char *const argv[] = { VIRSH_CUSTOM, "dominfo", DOM_UUID, NULL };
+ const char *const argv[] = { VIRSH_CUSTOM, "dominfo", DOM_FC4_UUID, NULL
};
const char *exp = dominfo_fc4;
return testCompareOutputLit(exp, "\nCPU time:", argv);
}
@@ -189,6 +214,13 @@ static int testCompareDominfoByName(const void *data G_GNUC_UNUSED)
return testCompareOutputLit(exp, "\nCPU time:", argv);
}
+static int testCompareTaintedDominfoByName(const void *data G_GNUC_UNUSED)
+{
+ const char *const argv[] = { VIRSH_CUSTOM, "dominfo", "fc5", NULL
};
+ const char *exp = dominfo_fc5;
+ return testCompareOutputLit(exp, "\nCPU time:", argv);
+}
+
static int testCompareDomuuidByID(const void *data G_GNUC_UNUSED)
{
const char *const argv[] = { VIRSH_CUSTOM, "domuuid", "2", NULL
};
@@ -212,7 +244,7 @@ static int testCompareDomidByName(const void *data G_GNUC_UNUSED)
static int testCompareDomidByUUID(const void *data G_GNUC_UNUSED)
{
- const char *const argv[] = { VIRSH_CUSTOM, "domid", DOM_UUID, NULL };
+ const char *const argv[] = { VIRSH_CUSTOM, "domid", DOM_FC4_UUID, NULL };
const char *exp = domid_fc4;
return testCompareOutputLit(exp, NULL, argv);
}
@@ -226,7 +258,7 @@ static int testCompareDomnameByID(const void *data G_GNUC_UNUSED)
static int testCompareDomnameByUUID(const void *data G_GNUC_UNUSED)
{
- const char *const argv[] = { VIRSH_CUSTOM, "domname", DOM_UUID, NULL };
+ const char *const argv[] = { VIRSH_CUSTOM, "domname", DOM_FC4_UUID, NULL
};
const char *exp = domname_fc4;
return testCompareOutputLit(exp, NULL, argv);
}
@@ -240,7 +272,7 @@ static int testCompareDomstateByID(const void *data G_GNUC_UNUSED)
static int testCompareDomstateByUUID(const void *data G_GNUC_UNUSED)
{
- const char *const argv[] = { VIRSH_CUSTOM, "domstate", DOM_UUID, NULL };
+ const char *const argv[] = { VIRSH_CUSTOM, "domstate", DOM_FC4_UUID, NULL
};
const char *exp = domstate_fc4;
return testCompareOutputLit(exp, NULL, argv);
}
@@ -300,6 +332,10 @@ mymain(void)
testCompareDominfoByName, NULL) != 0)
ret = -1;
+ if (virTestRun("virsh dominfo (by name, more tainted messages)",
+ testCompareTaintedDominfoByName, NULL) != 0)
+ ret = -1;
+
if (virTestRun("virsh domid (by name)",
testCompareDomidByName, NULL) != 0)
ret = -1;
--
2.32.0
7:08 a.m.
On Mon, Jul 12, 2021 at 07:32:13PM +0800, Luke Yue wrote:
v4:
- Move testDomainObjCheckTaint to testParseDomains()
- Add CPU tainted and deprecation check
- Add a new xml with more tainted configs
With the modification suggested in 1/4:0
Reviewed-by: Martin Kletzander <mkletzan(a)redhat.com>
Luke Yue (4):
conf: domain: Introduce and use virDomainObjGetMessages()
test_driver: Implement virDomainGetMessages
test_driver: Introduce testDomainObjCheckTaint
examples: test: Add a new test xml with more tainted configs for
testing
examples/xml/test/testdomfc5.xml | 51 +++++++++++++++
examples/xml/test/testnode.xml | 1 +
examples/xml/test/testnodeinline.xml | 51 +++++++++++++++
src/conf/domain_conf.c | 53 +++++++++++++++
src/conf/domain_conf.h | 5 ++
src/libvirt_private.syms | 1 +
src/qemu/qemu_driver.c | 34 +---------
src/test/test_driver.c | 98 ++++++++++++++++++++++++++++
tests/virshtest.c | 52 +++++++++++++--
9 files changed, 306 insertions(+), 40 deletions(-)
create mode 100644 examples/xml/test/testdomfc5.xml
--
2.32.0
1202
days inactive
1224
days old
7 comments
2 participants
participants (2)
-
Luke Yue -
Martin Kletzander