conf: fix seclabels for chardevs

We allow a seclabel to be specified in the <source> element
of a chardev:

<serial type='file'>
  <source path='/tmp/serial.file'>
    <seclabel model='dac' relabel='no'/>
  </source>
</serial>

But we format it outside the source:

<serial type='file'>
  <source path='/tmp/serial.file'/>
  <target port='0'/>
    <seclabel model='dac' relabel='no'/>
</serial>

Move the formatting inside the source to fix this, so that the
seclabel persists across XML format->parse.

Introduced by commit f8b08d0 'Add <seclabel> to character devices.'
Ján Tomko 2014-05-16 14:31:28 +02:00
parent 719ac9e4a7
commit 5ac9b9ddff
3 changed files with 62 additions and 15 deletions


@ -15862,11 +15862,19 @@ virDomainNetDefFormat(virBufferPtr buf,
* output at " type='type'>". */
static int
virDomainChrSourceDefFormat(virBufferPtr buf,
virDomainChrDefPtr chr_def,
virDomainChrSourceDefPtr def,
bool tty_compat,
unsigned int flags)
{
const char *type = virDomainChrTypeToString(def->type);
size_t nseclabels = 0;
virSecurityDeviceLabelDefPtr *seclabels = NULL;
if (chr_def) {
nseclabels = chr_def->nseclabels;
seclabels = chr_def->seclabels;
}
if (!type) {
virReportError(VIR_ERR_INTERNAL_ERROR,
@ -15898,8 +15906,9 @@ virDomainChrSourceDefFormat(virBufferPtr buf,
if (def->type != VIR_DOMAIN_CHR_TYPE_PTY ||
(def->data.file.path &&
!(flags & VIR_DOMAIN_XML_INACTIVE))) {
virBufferEscapeString(buf, "<source path='%s'/>\n",
virBufferEscapeString(buf, "<source path='%s'",
def->data.file.path);
virDomainSourceDefFormatSeclabel(buf, nseclabels, seclabels, flags);
}
break;
@ -15957,7 +15966,7 @@ virDomainChrSourceDefFormat(virBufferPtr buf,
virBufferAsprintf(buf, "<source mode='%s'",
def->data.nix.listen ? "bind" : "connect");
virBufferEscapeString(buf, " path='%s'", def->data.nix.path);
virBufferAddLit(buf, "/>\n");
virDomainSourceDefFormatSeclabel(buf, nseclabels, seclabels, flags);
break;
case VIR_DOMAIN_CHR_TYPE_SPICEPORT:
@ -15979,7 +15988,6 @@ virDomainChrDefFormat(virBufferPtr buf,
const char *targetType = virDomainChrTargetTypeToString(def->deviceType,
def->targetType);
bool tty_compat;
size_t n;
int ret = 0;
@ -15997,7 +16005,7 @@ virDomainChrDefFormat(virBufferPtr buf,
def->source.type == VIR_DOMAIN_CHR_TYPE_PTY &&
!(flags & VIR_DOMAIN_XML_INACTIVE) &&
def->source.data.file.path);
if (virDomainChrSourceDefFormat(buf, &def->source, tty_compat, flags) < 0)
if (virDomainChrSourceDefFormat(buf, def, &def->source, tty_compat, flags) < 0)
return -1;
/* Format <target> block */
@ -16069,14 +16077,6 @@ virDomainChrDefFormat(virBufferPtr buf,
return -1;
}
/* Security label overrides, if any. */
if (def->seclabels && def->nseclabels > 0) {
virBufferAdjustIndent(buf, 2);
for (n = 0; n < def->nseclabels; n++)
virSecurityDeviceLabelDefFormat(buf, def->seclabels[n], flags);
virBufferAdjustIndent(buf, -2);
}
virBufferAdjustIndent(buf, -2);
virBufferAsprintf(buf, "</%s>\n", elementName);
@ -16119,7 +16119,7 @@ virDomainSmartcardDefFormat(virBufferPtr buf,
break;
case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
if (virDomainChrSourceDefFormat(buf, &def->data.passthru, false,
if (virDomainChrSourceDefFormat(buf, NULL, &def->data.passthru, false,
flags) < 0)
return -1;
break;
@ -16384,7 +16384,7 @@ virDomainRNGDefFormat(virBufferPtr buf,
case VIR_DOMAIN_RNG_BACKEND_EGD:
virBufferAdjustIndent(buf, 2);
if (virDomainChrSourceDefFormat(buf, def->source.chardev,
if (virDomainChrSourceDefFormat(buf, NULL, def->source.chardev,
false, flags) < 0)
return -1;
virBufferAdjustIndent(buf, -2);
@ -16976,7 +16976,7 @@ virDomainRedirdevDefFormat(virBufferPtr buf,
virBufferAsprintf(buf, "<redirdev bus='%s'", bus);
virBufferAdjustIndent(buf, 2);
if (virDomainChrSourceDefFormat(buf, &def->source.chr, false, flags) < 0)
if (virDomainChrSourceDefFormat(buf, NULL, &def->source.chr, false, flags) < 0)
return -1;
if (virDomainDeviceInfoFormat(buf, &def->info,
flags | VIR_DOMAIN_XML_INTERNAL_ALLOW_BOOT) < 0)
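Review bot: Seclabel overrides are now emitted only from the two branches that call `virDomainSourceDefFormatSeclabel` (the `data.file.path` branch and the unix-socket branch), while the type-independent loop in `virDomainChrDefFormat` is removed, so a chardev that takes any other path through the switch loses its `<seclabel>` on format. That includes the PTY case where the surrounding `if` is false and no `<source>` is written at all. If the parser accepts labels for such sources, a `relabel='no'` override would silently disappear on the next format->parse, and the security driver would presumably fall back to its default labelling of the backing path. Either format the labels in the remaining branches too, or state the restriction next to the new locals, e.g. `/* chr_def may be NULL; seclabels are only formatted for path-based sources (file-like and unix) */`. Most of the switch body lies outside the visible hunks, so the other branches need checking against the full function.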


@ -0,0 +1,45 @@
<domain type='qemu'>
<name>machine</name>
<uuid>2187c512-ff97-47d7-b67c-c02d3bdc219d</uuid>
<memory unit='KiB'>219100</memory>
<currentMemory unit='KiB'>219100</currentMemory>
<vcpu placement='static'>1</vcpu>
<os>
<type arch='x86_64' machine='pc'>hvm</type>
<boot dev='hd'/>
</os>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/bin/qemu</emulator>
<controller type='usb' index='0'/>
<controller type='ide' index='0'/>
<controller type='pci' index='0' model='pci-root'/>
<serial type='file'>
<source path='/tmp/serial.file'>
<seclabel model='dac' relabel='no'/>
</source>
<target port='0'/>
</serial>
<serial type='unix'>
<source mode='connect' path='/tmp/serial.sock'>
<seclabel model='dac' relabel='no'/>
</source>
<target port='1'/>
</serial>
<console type='file'>
<source path='/tmp/serial.file'>
<seclabel model='dac' relabel='no'/>
</source>
<target type='serial' port='0'/>
</console>
<memballoon model='virtio'/>
<rng model='virtio'>
<backend model='egd' type='pipe'>
<source path='/dev/null'/>
</backend>
</rng>
</devices>
</domain>
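Review bot: Every labelled source in this fixture is path-based (`type='file'` or `type='unix'`) and carries exactly one `<seclabel>`, so the round-trip test only pins the single-label case on the two branches the commit touches. A source with a second `<seclabel>` of a different `model` would exercise the formatting of several labels inside one `<source>`. A labelled chardev of a non-path type would also show whether such labels are rejected or dropped; the unlabelled `<rng>` backend only covers the callers that pass `NULL`.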


@ -362,6 +362,8 @@ mymain(void)
DO_TEST_DIFFERENT("disk-backing-chains");
DO_TEST("chardev-label");
virObjectUnref(driver.caps);
virObjectUnref(driver.xmlopt);