Commit
b170eb99 introduced a bug: domains that had an explicit
<seclabel type='none'/> when started would not be reparsed if
libvirtd restarted. It turns out that our testsuite was not
exercising this because it never tried anything but inactive
parsing. Additionally, the live XML for such a domain failed
to re-validate. Applying just the tests/ portion of this patch
will expose the bugs that are fixed by the other two files.
* docs/schemas/domaincommon.rng (seclabel): Allow relabel under
type='none'.
* src/conf/domain_conf.c (virSecurityLabelDefParseXML): Per RNG,
presence of <seclabel> with no type implies dynamic. Don't
require sub-elements for type='none'.
* tests/qemuxml2xmltest.c (mymain): Add test.
* tests/qemuxml2argvtest.c (mymain): Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.xml: Add file.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.args: Add file.
Reported by Ansis Atteka.
</interleave>
</group>
<group>
+ <!-- with none, relabel must be no if present -->
<attribute name='type'>
<value>none</value>
</attribute>
+ <optional>
+ <attribute name='relabel'>
+ <value>no</value>
+ </attribute>
+ </optional>
</group>
</choice>
</element>
p = virXPathStringLimit("string(./seclabel/@type)",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
if (p == NULL) {
- virDomainReportError(VIR_ERR_XML_ERROR,
- "%s", _("missing security type"));
- goto error;
- }
-
- def->type = virDomainSeclabelTypeFromString(p);
- VIR_FREE(p);
- if (def->type <= 0) {
- virDomainReportError(VIR_ERR_XML_ERROR,
- "%s", _("invalid security type"));
- goto error;
+ def->type = VIR_DOMAIN_SECLABEL_DYNAMIC;
+ } else {
+ def->type = virDomainSeclabelTypeFromString(p);
+ VIR_FREE(p);
+ if (def->type <= 0) {
+ virDomainReportError(VIR_ERR_XML_ERROR,
+ "%s", _("invalid security type"));
+ goto error;
+ }
}
p = virXPathStringLimit("string(./seclabel/@relabel)",
* if the 'live' VM XML is requested
*/
if (def->type == VIR_DOMAIN_SECLABEL_STATIC ||
- !(flags & VIR_DOMAIN_XML_INACTIVE)) {
+ (!(flags & VIR_DOMAIN_XML_INACTIVE) &&
+ def->type != VIR_DOMAIN_SECLABEL_NONE)) {
p = virXPathStringLimit("string(./seclabel/label[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
if (p == NULL) {
/* Only parse imagelabel, if requested live XML with relabeling */
if (!def->norelabel &&
- !(flags & VIR_DOMAIN_XML_INACTIVE)) {
+ (!(flags & VIR_DOMAIN_XML_INACTIVE) &&
+ def->type != VIR_DOMAIN_SECLABEL_NONE)) {
p = virXPathStringLimit("string(./seclabel/imagelabel[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
if (p == NULL) {
def->imagelabel = p;
}
- /* Only parse baselabel, for dynamic or none label types */
- if (def->type == VIR_DOMAIN_SECLABEL_DYNAMIC ||
- def->type == VIR_DOMAIN_SECLABEL_NONE) {
+ /* Only parse baselabel for dynamic label type */
+ if (def->type == VIR_DOMAIN_SECLABEL_DYNAMIC) {
p = virXPathStringLimit("string(./seclabel/baselabel[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
- if (p != NULL) {
- def->baselabel = p;
- /* Forces none type to dynamic for back compat */
- def->type = VIR_DOMAIN_SECLABEL_DYNAMIC;
- }
+ def->baselabel = p;
}
/* Only parse model, if static labelling, or a base
*/
if (def->type == VIR_DOMAIN_SECLABEL_STATIC ||
def->baselabel ||
- !(flags & VIR_DOMAIN_XML_INACTIVE)) {
+ (!(flags & VIR_DOMAIN_XML_INACTIVE) &&
+ def->type != VIR_DOMAIN_SECLABEL_NONE)) {
p = virXPathStringLimit("string(./seclabel/@model)",
VIR_SECURITY_MODEL_BUFLEN-1, ctxt);
if (p == NULL) {
--- /dev/null
+LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu -S -M \
+pc -m 214 -smp 1 -name QEMUGuest1 -nographic -monitor unix:/tmp/test-monitor,\
+server,nowait -no-acpi -boot c -hda /dev/HostVG/QEMUGuest1 -net none -serial \
+none -parallel none -usb
--- /dev/null
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory>219100</memory>
+ <currentMemory>219100</currentMemory>
+ <vcpu cpuset='1-4,8-20,525'>1</vcpu>
+ <os>
+ <type arch='i686' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu</emulator>
+ <disk type='block' device='disk'>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='hda' bus='ide'/>
+ <address type='drive' controller='0' bus='0' unit='0'/>
+ </disk>
+ <controller type='ide' index='0'/>
+ <memballoon model='virtio'/>
+ </devices>
+ <seclabel type='none' relabel='no'/>
+</domain>
DO_TEST("seclabel-dynamic-override", false, QEMU_CAPS_NAME);
DO_TEST("seclabel-static", false, QEMU_CAPS_NAME);
DO_TEST("seclabel-static-relabel", false, QEMU_CAPS_NAME);
+ DO_TEST("seclabel-none", false, QEMU_CAPS_NAME);
DO_TEST("pseries-basic", false,
QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
static struct qemud_driver driver;
static int
-testCompareXMLToXMLFiles(const char *inxml, const char *outxml)
+testCompareXMLToXMLFiles(const char *inxml, const char *outxml, bool live)
{
char *inXmlData = NULL;
char *outXmlData = NULL;
if (!(def = virDomainDefParseString(driver.caps, inXmlData,
QEMU_EXPECTED_VIRT_TYPES,
- VIR_DOMAIN_XML_INACTIVE)))
+ live ? 0 : VIR_DOMAIN_XML_INACTIVE)))
goto fail;
if (!(actual = virDomainDefFormat(def, VIR_DOMAIN_XML_SECURE)))
struct testInfo {
const char *name;
int different;
+ bool inactive_only;
};
static int
goto cleanup;
if (info->different) {
- ret = testCompareXMLToXMLFiles(xml_in, xml_out);
+ ret = testCompareXMLToXMLFiles(xml_in, xml_out, false);
} else {
- ret = testCompareXMLToXMLFiles(xml_in, xml_in);
+ ret = testCompareXMLToXMLFiles(xml_in, xml_in, false);
+ }
+ if (!info->inactive_only) {
+ if (info->different) {
+ ret = testCompareXMLToXMLFiles(xml_in, xml_out, true);
+ } else {
+ ret = testCompareXMLToXMLFiles(xml_in, xml_in, true);
+ }
}
cleanup:
if ((driver.caps = testQemuCapsInit()) == NULL)
return (EXIT_FAILURE);
-# define DO_TEST_FULL(name, is_different) \
+# define DO_TEST_FULL(name, is_different, inactive) \
do { \
- const struct testInfo info = {name, is_different}; \
+ const struct testInfo info = {name, is_different, inactive}; \
if (virtTestRun("QEMU XML-2-XML " name, \
1, testCompareXMLToXMLHelper, &info) < 0) \
ret = -1; \
} while (0)
# define DO_TEST(name) \
- DO_TEST_FULL(name, 0)
+ DO_TEST_FULL(name, 0, false)
# define DO_TEST_DIFFERENT(name) \
- DO_TEST_FULL(name, 1)
+ DO_TEST_FULL(name, 1, false)
/* Unset or set all envvars here that are copied in qemudBuildCommandLine
* using ADD_ENV_COPY, otherwise these tests may fail due to unexpected
DO_TEST("usb-redir");
DO_TEST("blkdeviotune");
- DO_TEST("seclabel-dynamic-baselabel");
- DO_TEST("seclabel-dynamic-override");
+ DO_TEST_FULL("seclabel-dynamic-baselabel", false, true);
+ DO_TEST_FULL("seclabel-dynamic-override", false, true);
DO_TEST("seclabel-static");
+ DO_TEST("seclabel-none");
/* These tests generate different XML */
DO_TEST_DIFFERENT("balloon-device-auto");
projects / libvirt.git / commitdiff