External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-10-02 04:15:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

virt-host-validate: Call VIR_HOST_VALIDATE_FAILURE() more frequently

Browse Source 
Ideally, every virHostMsgFail() would be coupled with
VIR_HOST_VALIDATE_FAILURE() so that the failure is correctly
propagated to the caller. However, in
virHostValidateSecureGuests() we are either ignoring @level and
returning 0 directly (no error), or not returning at all, relying
on 'return 0' at the end of the function. Neither of these help
propagate failure correctly.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Fabiano Fidêncio <fabiano@fidencio.org>
This commit is contained in:
Michal Privoznik 2021-06-08 09:20:32 +02:00
parent 7ea5a80dc1
commit 853228c022
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
tools/virt-host-validate-common.c
View File

@ -467,7 +467,7 @@ int virHostValidateSecureGuests(const char *hvname,
if (!virFileIsDir("/sys/firmware/uv")) {
virHostMsgFail(level, "IBM Secure Execution not supported by "
"the currently used kernel");
return 0;
return VIR_HOST_VALIDATE_FAILURE(level);
}
/* we're prefix matching rather than equality matching here, because
@ -486,16 +486,18 @@ int virHostValidateSecureGuests(const char *hvname,
"IBM Secure Execution appears to be disabled "
"in kernel. Add prot_virt=1 to kernel cmdline "
"arguments");
return VIR_HOST_VALIDATE_FAILURE(level);
}
} else {
virHostMsgFail(level, "Hardware or firmware does not provide "
"support for IBM Secure Execution");
return VIR_HOST_VALIDATE_FAILURE(level);
}
} else if (hasAMDSev) {
if (virFileReadValueString(&mod_value, "/sys/module/kvm_amd/parameters/sev") < 0) {
virHostMsgFail(level, "AMD Secure Encrypted Virtualization not "
"supported by the currently used kernel");
return 0;
return VIR_HOST_VALIDATE_FAILURE(level);
}
if (mod_value[0] != '1') {
@ -503,7 +505,7 @@ int virHostValidateSecureGuests(const char *hvname,
"AMD Secure Encrypted Virtualization appears to be "
"disabled in kernel. Add kvm_amd.sev=1 "
"to the kernel cmdline arguments");
return 0;
return VIR_HOST_VALIDATE_FAILURE(level);
}
if (virFileExists("/dev/sev")) {
@ -513,6 +515,7 @@ int virHostValidateSecureGuests(const char *hvname,
virHostMsgFail(level,
"AMD Secure Encrypted Virtualization appears to be "
"disabled in firemare.");
return VIR_HOST_VALIDATE_FAILURE(level);
}
} else {
virHostMsgFail(level,