seclabel: make code and RNG match

Commit b170eb99 introduced a bug: domains that had an explicit <seclabel type='none'/> when started would not be reparsed if libvirtd restarted. It turns out that our testsuite was not exercising this because it never tried anything but inactive parsing. Additionally, the live XML for such a domain failed to re-validate. Applying just the tests/ portion of this patch will expose the bugs that are fixed by the other two files. * docs/schemas/domaincommon.rng (seclabel): Allow relabel under type='none'. * src/conf/domain_conf.c (virSecurityLabelDefParseXML): Per RNG, presence of <seclabel> with no type implies dynamic. Don't require sub-elements for type='none'. * tests/qemuxml2xmltest.c (mymain): Add test. * tests/qemuxml2argvtest.c (mymain): Likewise. * tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.xml: Add file. * tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.args: Add file. Reported by Ansis Atteka.
2024-10-03 04:45:46 +00:00 · 2012-02-04 07:01:56 -07:00 · 2012-02-04 07:01:56 -07:00 · c052d8a89f
commit c052d8a89f
parent 13545647ba
6 changed files with 74 additions and 32 deletions
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@ -130,9 +130,15 @@
          </interleave>
        </group>
        <group>
+          <!-- with none, relabel must be no if present -->
          <attribute name='type'>
            <value>none</value>
          </attribute>
+          <optional>
+            <attribute name='relabel'>
+              <value>no</value>
+            </attribute>
+          </optional>
        </group>
      </choice>
    </element>
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@ -2583,17 +2583,15 @@ virSecurityLabelDefParseXML(virSecurityLabelDefPtr def,
    p = virXPathStringLimit("string(./seclabel/@type)",
                            VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
    if (p == NULL) {
-        virDomainReportError(VIR_ERR_XML_ERROR,
-                             "%s", _("missing security type"));
-        goto error;
-    }
-
-    def->type = virDomainSeclabelTypeFromString(p);
-    VIR_FREE(p);
-    if (def->type <= 0) {
-        virDomainReportError(VIR_ERR_XML_ERROR,
-                             "%s", _("invalid security type"));
-        goto error;
+        def->type = VIR_DOMAIN_SECLABEL_DYNAMIC;
+    } else {
+        def->type = virDomainSeclabelTypeFromString(p);
+        VIR_FREE(p);
+        if (def->type <= 0) {
+            virDomainReportError(VIR_ERR_XML_ERROR,
+                                 "%s", _("invalid security type"));
+            goto error;
+        }
    }

    p = virXPathStringLimit("string(./seclabel/@relabel)",
@ -2634,7 +2632,8 @@ virSecurityLabelDefParseXML(virSecurityLabelDefPtr def,
     * if the 'live' VM XML is requested
     */
    if (def->type == VIR_DOMAIN_SECLABEL_STATIC ||
-        !(flags & VIR_DOMAIN_XML_INACTIVE)) {
+        (!(flags & VIR_DOMAIN_XML_INACTIVE) &&
+         def->type != VIR_DOMAIN_SECLABEL_NONE)) {
        p = virXPathStringLimit("string(./seclabel/label[1])",
                                VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
        if (p == NULL) {
@ -2648,7 +2647,8 @@ virSecurityLabelDefParseXML(virSecurityLabelDefPtr def,

    /* Only parse imagelabel, if requested live XML with relabeling */
    if (!def->norelabel &&
-        !(flags & VIR_DOMAIN_XML_INACTIVE)) {
+        (!(flags & VIR_DOMAIN_XML_INACTIVE) &&
+         def->type != VIR_DOMAIN_SECLABEL_NONE)) {
        p = virXPathStringLimit("string(./seclabel/imagelabel[1])",
                                VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
        if (p == NULL) {
@ -2659,16 +2659,11 @@ virSecurityLabelDefParseXML(virSecurityLabelDefPtr def,
        def->imagelabel = p;
    }

-    /* Only parse baselabel, for dynamic or none label types */
-    if (def->type == VIR_DOMAIN_SECLABEL_DYNAMIC ||
-        def->type == VIR_DOMAIN_SECLABEL_NONE) {
+    /* Only parse baselabel for dynamic label type */
+    if (def->type == VIR_DOMAIN_SECLABEL_DYNAMIC) {
        p = virXPathStringLimit("string(./seclabel/baselabel[1])",
                                VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
-        if (p != NULL) {
-            def->baselabel = p;
-            /* Forces none type to dynamic for back compat */
-            def->type = VIR_DOMAIN_SECLABEL_DYNAMIC;
-        }
+        def->baselabel = p;
    }

    /* Only parse model, if static labelling, or a base
@ -2676,7 +2671,8 @@ virSecurityLabelDefParseXML(virSecurityLabelDefPtr def,
     */
    if (def->type == VIR_DOMAIN_SECLABEL_STATIC ||
        def->baselabel ||
-        !(flags & VIR_DOMAIN_XML_INACTIVE)) {
+        (!(flags & VIR_DOMAIN_XML_INACTIVE) &&
+         def->type != VIR_DOMAIN_SECLABEL_NONE)) {
        p = virXPathStringLimit("string(./seclabel/@model)",
                                VIR_SECURITY_MODEL_BUFLEN-1, ctxt);
        if (p == NULL) {
--- a/tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.args
@ -0,0 +1,4 @@
+LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu -S -M \
+pc -m 214 -smp 1 -name QEMUGuest1 -nographic -monitor unix:/tmp/test-monitor,\
+server,nowait -no-acpi -boot c -hda /dev/HostVG/QEMUGuest1 -net none -serial \
+none -parallel none -usb
--- a/tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.xml
@ -0,0 +1,26 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory>219100</memory>
+  <currentMemory>219100</currentMemory>
+  <vcpu cpuset='1-4,8-20,525'>1</vcpu>
+  <os>
+    <type arch='i686' machine='pc'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu</emulator>
+    <disk type='block' device='disk'>
+      <source dev='/dev/HostVG/QEMUGuest1'/>
+      <target dev='hda' bus='ide'/>
+      <address type='drive' controller='0' bus='0' unit='0'/>
+    </disk>
+    <controller type='ide' index='0'/>
+    <memballoon model='virtio'/>
+  </devices>
+  <seclabel type='none' relabel='no'/>
+</domain>
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@ -728,6 +728,7 @@ mymain(void)
    DO_TEST("seclabel-dynamic-override", false, QEMU_CAPS_NAME);
    DO_TEST("seclabel-static", false, QEMU_CAPS_NAME);
    DO_TEST("seclabel-static-relabel", false, QEMU_CAPS_NAME);
+    DO_TEST("seclabel-none", false, QEMU_CAPS_NAME);

    DO_TEST("pseries-basic", false,
            QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@ -19,7 +19,7 @@
 static struct qemud_driver driver;

 static int
-testCompareXMLToXMLFiles(const char *inxml, const char *outxml)
+testCompareXMLToXMLFiles(const char *inxml, const char *outxml, bool live)
 {
    char *inXmlData = NULL;
    char *outXmlData = NULL;
@ -34,7 +34,7 @@ testCompareXMLToXMLFiles(const char *inxml, const char *outxml)

    if (!(def = virDomainDefParseString(driver.caps, inXmlData,
                                        QEMU_EXPECTED_VIRT_TYPES,
-                                        VIR_DOMAIN_XML_INACTIVE)))
+                                        live ? 0 : VIR_DOMAIN_XML_INACTIVE)))
        goto fail;

    if (!(actual = virDomainDefFormat(def, VIR_DOMAIN_XML_SECURE)))
@ -58,6 +58,7 @@ testCompareXMLToXMLFiles(const char *inxml, const char *outxml)
 struct testInfo {
    const char *name;
    int different;
+    bool inactive_only;
 };

 static int
@ -75,9 +76,16 @@ testCompareXMLToXMLHelper(const void *data)
        goto cleanup;

    if (info->different) {
-        ret = testCompareXMLToXMLFiles(xml_in, xml_out);
+        ret = testCompareXMLToXMLFiles(xml_in, xml_out, false);
    } else {
-        ret = testCompareXMLToXMLFiles(xml_in, xml_in);
+        ret = testCompareXMLToXMLFiles(xml_in, xml_in, false);
+    }
+    if (!info->inactive_only) {
+        if (info->different) {
+            ret = testCompareXMLToXMLFiles(xml_in, xml_out, true);
+        } else {
+            ret = testCompareXMLToXMLFiles(xml_in, xml_in, true);
+        }
    }

 cleanup:
@ -95,19 +103,19 @@ mymain(void)
    if ((driver.caps = testQemuCapsInit()) == NULL)
        return (EXIT_FAILURE);

-# define DO_TEST_FULL(name, is_different)                               \
+# define DO_TEST_FULL(name, is_different, inactive)                     \
    do {                                                                \
-        const struct testInfo info = {name, is_different};              \
+        const struct testInfo info = {name, is_different, inactive};    \
        if (virtTestRun("QEMU XML-2-XML " name,                         \
                        1, testCompareXMLToXMLHelper, &info) < 0)       \
            ret = -1;                                                   \
    } while (0)

 # define DO_TEST(name) \
-    DO_TEST_FULL(name, 0)
+    DO_TEST_FULL(name, 0, false)

 # define DO_TEST_DIFFERENT(name) \
-    DO_TEST_FULL(name, 1)
+    DO_TEST_FULL(name, 1, false)

    /* Unset or set all envvars here that are copied in qemudBuildCommandLine
     * using ADD_ENV_COPY, otherwise these tests may fail due to unexpected
@ -200,9 +208,10 @@ mymain(void)
    DO_TEST("usb-redir");
    DO_TEST("blkdeviotune");

-    DO_TEST("seclabel-dynamic-baselabel");
-    DO_TEST("seclabel-dynamic-override");
+    DO_TEST_FULL("seclabel-dynamic-baselabel", false, true);
+    DO_TEST_FULL("seclabel-dynamic-override", false, true);
    DO_TEST("seclabel-static");
+    DO_TEST("seclabel-none");

    /* These tests generate different XML */
    DO_TEST_DIFFERENT("balloon-device-auto");