From: Michal Privoznik <mprivozn@redhat.com>
Date: Mon, 25 Apr 2016 05:47:59 +0000 (+0200)
Subject: qemuProcessCreatePretendCmd: Rework FIPS handling
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=927d047ee7ff4ebc27a95fd47f8abc6031d870bd;p=libvirt.git

qemuProcessCreatePretendCmd: Rework FIPS handling

This function - in contrast with qemuBuildCommandLine - merely
constructs our internal command representation of a domain. This
is then later compared against expected output. Or, this function
is used also in virConnectDomainXMLToNative(). But due to a copy
paste error this function, just like its image - has @forceFips
argument that if enabled forces FIPS, otherwise mimics FIPS state
in the host. If FIPS is enabled or forced the generated command
line is different to state in which FIPS is disabled. Problem is,
while this could be desired in the virConnectDomainXMLToNative()
case, this is undesirable in the test suite as it will produce
unpredicted results.
Solution to this is to rename argument to @enableFips to
specifically tell whether we expect command line to be build in
either of fashions and make virConnectDomainXMLToNative()
implementation fetch FIPS state and pass it to
qemuProcessCreatePretendCmd().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 91ed0fa459..542d13c2ac 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -7060,7 +7060,8 @@ static char *qemuConnectDomainXMLToNative(virConnectPtr conn,
         }
     }
 
-    if (!(cmd = qemuProcessCreatePretendCmd(conn, driver, vm, NULL, false, true,
+    if (!(cmd = qemuProcessCreatePretendCmd(conn, driver, vm, NULL,
+                                            qemuCheckFips(), true,
                                             VIR_QEMU_PROCESS_START_COLD)))
         goto cleanup;
 
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 8a2f65fe7f..0ccc3ac643 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -5715,7 +5715,7 @@ qemuProcessCreatePretendCmd(virConnectPtr conn,
                             virQEMUDriverPtr driver,
                             virDomainObjPtr vm,
                             const char *migrateURI,
-                            bool forceFips,
+                            bool enableFips,
                             bool standalone,
                             unsigned int flags)
 {
@@ -5747,7 +5747,7 @@ qemuProcessCreatePretendCmd(virConnectPtr conn,
                                NULL,
                                VIR_NETDEV_VPORT_PROFILE_OP_NO_OP,
                                standalone,
-                               forceFips ? true : qemuCheckFips(),
+                               enableFips,
                                priv->autoNodeset,
                                NULL,
                                NULL,
diff --git a/src/qemu/qemu_process.h b/src/qemu/qemu_process.h
index 98cc9a849f..b7262a7e0f 100644
--- a/src/qemu/qemu_process.h
+++ b/src/qemu/qemu_process.h
@@ -85,7 +85,7 @@ virCommandPtr qemuProcessCreatePretendCmd(virConnectPtr conn,
                                           virQEMUDriverPtr driver,
                                           virDomainObjPtr vm,
                                           const char *migrateURI,
-                                          bool forceFips,
+                                          bool enableFips,
                                           bool standalone,
                                           unsigned int flags);