Commit Graph

41957 Commits

Author SHA1 Message Date
Daniel P. Berrangé
8f390ae310 secret: rework handling of private secrets
A secret can be marked with the "private" attribute. The intent was that
it is not possible for any libvirt client to be able to read the secret
value, it would only be accesible from within libvirtd. eg the QEMU
driver can read the value to launch a guest.

With the modular daemons, the QEMU, storage and secret drivers are all
running in separate daemons. The QEMU and storage drivers thus appear to
be normal libvirt client's from the POV of the secret driver, and thus
they are not able to read a private secret. This is unhelpful.

With the previous patches that introduced a "system token" to the
identity object, we can now distinguish APIs invoked by libvirt daemons
from those invoked by client applications.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:47 +01:00
Daniel P. Berrangé
9bcbdbd579 src: elevate current identity privilege when fetching secret
When fetching the value of a private secret, we need to use an elevated
identity otherwise the secret driver will deny access.

When using the modular daemons, the elevated identity needs to be active
before the secret driver connection is opened, and it will apply to all
APIs calls made on that conncetion.

When using the monolithic daemon, the identity at time of opening the
connection is ignored, and the elevated identity needs to be active
precisely at the time the virSecretGetValue API call is made.

After acquiring the secret value, the elevated identity should be
cleared.

This sounds complex, but is fairly straightfoward with the automatic
cleanup callbacks.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:43 +01:00
Daniel P. Berrangé
9645200dc0 src: set identity when opening secondary drivers
The drivers can all call virGetConnectXXX to open a connection to a
secondary driver. For example, when creating a encrypted storage volume,
the storage driver has to open a secret driver connection, or when
starting a guest, the QEMU driver has to open the network driver to
lookup a virtual network.

When using monolithic libvirtd, the connection has the same effective
identity as the client, since everything is still in the same process.
When using the modular daemons, however, the remote daemon sees the
identity of the calling daemon. This is a mistake as it results in
the modular daemons seeing the client with elevated privileges.

We need to pass on the current identity explicitly when opening the
secondary drivers. This is the same thing that is done by daemon RPC
dispatcher code when it is directly forwarding top level API calls
from virtproxyd and other daemons.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:41 +01:00
Daniel P. Berrangé
11f077e286 src: add API to determine if current identity is a system identity
This is essentially a way to determine if the current identity
is that of another libvirt daemon.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:40 +01:00
Daniel P. Berrangé
10689c16d8 util: helper to temporary elevate privileges of the current identity
When talking to the secret driver, the callers inside libvirt daemons
need to be able to run with an elevated privileges that prove the API
calls are made by a libvirt daemon, not an end user application.

The virIdentityElevateCurrent method will take the current identity
and, if not already present, add the system token. The old current
identity is returned to the caller. With the VIR_IDENTITY_AUTORESTORE
annotation, the old current identity will be restored upon leaving
the codeblock scope.

    ... early work with regular privileges ...
    if (something needing elevated privs) {
        VIR_IDENTITY_AUTORESTORE virIdentity *oldident =
	    virIdentityElevateCurrent();
	if (!oldident)
	    return -1;

        ... do something with elevated privileges ...
    }
    ... later work with regular privileges ...

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:36 +01:00
Daniel P. Berrangé
695d713df2 util: add API for copying identity objects
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:35 +01:00
Daniel P. Berrangé
b3fe905f53 util: set system token for system identity
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:33 +01:00
Daniel P. Berrangé
cbfebfc747 util: generate a persistent system token
When creating the system identity set the system token. The system
token is currently stored in a local path

   /var/run/libvirt/common/system.token

Obviously with only traditional UNIX DAC in effect, this is largely
security through obscurity, if the client is running at the same
privilege level as the daemon. It does, however, reliably distinguish
an unprivileged client from the system daemons.

With a MAC system like SELinux though, or possible use of containers,
access can be further restricted.

A possible future improvement for Linux would be to populate the
kernel keyring with a secret for libvirt daemons to share.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:16 +01:00
Daniel P. Berrangé
d5d011f767 util: introduce concept of a system token into identities
We want a way to distinguish between calls from a libvirt daemon, and a
regular client application when both are running as the same user
account. This is not possible with the current set of attributes
recorded against an identity, as there is nothing that is common to all
of the modular libvirt daemons, while distinct to all other processes.

We thus introduce the idea of a system token, which is simply a random
hex string that is only known by the libvirt daemons, to be recorded
against the system identity.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:15 +01:00
Daniel P. Berrangé
1ca3959712 util: add virRandomToken API
A random token is simply a string of random bytes formatted in
hexidecimal.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-13 11:07:13 +01:00
Neal Gompa
d6a1d1841a rpm: Set version information for libvirt-admin virtual name
The libvirt-daemon package now provides the 'libvirt-admin' virtual
name, but the Provides stanza doesn't declare version information,
which breaks things depending on that package using a versioned
dependency. Fix this by setting the version-release of libvirt to
that name to mimic the previous state.

Fixes: 2244ac168d

Signed-off-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-13 09:28:34 +02:00
Tim Wiederhake
210bdb61ff virStoragePoolDefParseXML: Use virXMLProp*
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-05-13 09:24:09 +02:00
Tim Wiederhake
dba76bdba3 virStoragePoolDefParseSource: Use VIR_XPATH_NODE_AUTORESTORE
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-05-13 09:24:09 +02:00
Tim Wiederhake
0f8fd45482 virStoragePoolDefParseSource: Use virXMLProp*
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-05-13 09:24:09 +02:00
Tim Wiederhake
3681a53933 virStorageAdapterParseXMLFCHost: Use virXMLProp*
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-05-13 09:24:09 +02:00
Daniel P. Berrangé
156315cff4 gitlab: avoid building libvirt twice and running syntax-check twice
In the distros using RPMs, we build libvirt once as a side effect
of running "ninja dist", and once via rpmbuild.

In addition "ninja dist" will run all tests including the "syntax-check"
suite, despite use having a separate "codestyle" job for for that.

There is no way to pass "--no-suite" when creating the dist, but if we
switch to invoking "meson dist", we can skip the build+test part
entirely  using "--no-tests".

When doing this we then run explicit "meson compile" and "meson test"
commands for the distros that don't build the RPMs, and in the latter
case we can now skip the "syntax-check" suite.

The RPM builds already skipped the "syntax-check" suite.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-12 14:18:15 +01:00
Daniel P. Berrangé
b56e2be68e gitlab: run "meson" directly instead of "ninja" indirection
The "dist" and "test" targets in ninja end up calling back into
the equivalent meson commands. The meson commands support various
arguments that are not accessible when invoked via ninja, so it
is preferrable to use meson directly.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-12 14:18:08 +01:00
Daniel P. Berrangé
9cbcea448a gitlab: remove ability to skip 'ninja dist'
The "DIST=skip" flag as used in CentOS 7 jobs to workaround a problem
with older git versions. This is no longer required since

  commit d35003aee7
  Author: Andrea Bolognani <abologna@redhat.com>
  Date:   Tue May 4 10:45:29 2021 +0200

    ci: Drop CentOS 7

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-12 14:18:04 +01:00
Daniel P. Berrangé
6f9226638a gitlab: only print failed tests in codestyle job
"meson test" will only print a list of which tests fail by default,
so we were sending the full test log to stdout on failure. This makes
it really hard to see the errors though as the test log has all
succcesful tests too.

"ninja test" will print the same as "meson test", following by details
of each failure.

It does this using the "--print-errorlog" flag, so lets use  that in
the codestyle job.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-12 14:17:48 +01:00
Neal Gompa
d557f0776b rpm: Drop unnecessary libiscsi runtime dependency
This is automatically picked up by the dependency generator, so
there's no reason to have this here.

Signed-off-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2021-05-12 10:53:22 +02:00
Andrea Bolognani
7c5d0ae3bd spec: Simplify platform check
No need to check whether we're on Fedora, because checking
whether the version of Fedora is recent enough implictly does
that already.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
2021-05-12 10:29:45 +02:00
Andrea Bolognani
e8cdabc868 spec: Move definition of supported_platform variable
It's only used in one place, and it's nicer to keep the error
message close to the check that causes it to be emitted.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
2021-05-12 10:29:43 +02:00
Andrea Bolognani
62e5dc56d9 spec: Reintroduce supported_platform variable
The rewritten checks, which made it possible to drop the
variable, are in fact not equivalent to the original ones,
and rewriting them once again so that they are would make
them unwieldy. Let's go back to how things were.

Reverts: 69c8d5954e
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
2021-05-12 10:29:39 +02:00
Tim Wiederhake
3976dc598a virNodeDeviceDefParseXML: Use virXMLProp*
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:04:08 +02:00
Tim Wiederhake
1f59f2fd3d virNodeDevCapsDefParseXML: Use g_autoptr
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:04:06 +02:00
Tim Wiederhake
27b09ff09f conf: node_device: Register autoptr cleanup function for virNodeDevCapsDef
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:04:04 +02:00
Tim Wiederhake
afedd6dde5 virNodeDevCapsDefParseXML: Use virXMLProp*
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:04:02 +02:00
Tim Wiederhake
3a4027511d virPCIEDeviceInfoLinkParseXML: Remove unused parameter ctxt
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:04:00 +02:00
Tim Wiederhake
bfba1758a2 virPCIEDeviceInfoLinkParseXML: Use virXMLProp*
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:03:58 +02:00
Tim Wiederhake
fee958313d virNetworkDHCPLeaseTimeDefParseXML: Use virXMLProp*
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:03:48 +02:00
Tim Wiederhake
9013204afe virNetworkDHCPLeaseTimeDef: Make expiry unsigned long long
The width of `unsigned long` differs on 32 bit and 64 bit architectures.
There is no compelling reason why the maximum DHCP lease time should
depend on the architecture.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:03:44 +02:00
Tim Wiederhake
34851dd8f4 virDomainObjParseXML: Use g_autoptr
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:03:41 +02:00
Tim Wiederhake
107f687128 virDomainObjParseXML: Use virXMLProp*
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 14:03:37 +02:00
Kashyap Chamarthy
f98759170e docs: kbase: Add a doc on merging disk image chains
This is a rewrite of:

    https://wiki.libvirt.org/page/Live-merge-an-entire-disk-image-chain-including-current-active-disk

Once this commit merges, the above wiki should point to this kbase
document.

Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 11:23:57 +02:00
Kashyap Chamarthy
e4f3f9d063 docs: kbase: Add a doc on live full disk backup
This is a rewrite of:

    https://wiki.libvirt.org/page/Live-disk-backup-with-active-blockcommit

Once this commit merges, the above wiki should point to this kbase
document.

NB: I've intentionally left out the example for pull-based full backups.
I'll tackle it once QMP `x-blockdev-reopen` comes out of experimental
mode in upstream QEMU.  Then pull-based can be described for both full
and and differntial backups.

Overall, future documents should cover:

   - full backups using both push- and pull-mode
   - differential backups using both push- and pull-mode

Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-11 11:23:12 +02:00
Göran Uddeborg
39954c76a6 Translated using Weblate (Swedish)
Currently translated at 26.3% (2773 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/sv/

Translated using Weblate (Swedish)

Currently translated at 25.9% (2733 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/sv/

Translated using Weblate (Swedish)

Currently translated at 25.7% (2713 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/sv/

Co-authored-by: Göran Uddeborg <goeran@uddeborg.se>
Signed-off-by: Göran Uddeborg <goeran@uddeborg.se>
2021-05-10 15:31:59 +02:00
simmon
3f339c05d4 Translated using Weblate (Korean)
Currently translated at 44.1% (4638 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 43.4% (4568 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 43.2% (4553 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 43.1% (4536 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 43.1% (4534 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 43.0% (4527 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 42.9% (4518 of 10516 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Co-authored-by: simmon <simmon@nplob.com>
Signed-off-by: simmon <simmon@nplob.com>
2021-05-10 15:31:59 +02:00
Pavel Hrdina
61d95a1073 qemu_firmware: don't error out for unknown firmware features
When QEMU introduces new firmware features libvirt will fail until we
list that feature in our code as well which doesn't sound right.

We should simply ignore the new feature until we add a proper support
for it.

Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-05-10 15:30:18 +02:00
Michal Privoznik
fe75c387c4 virCapabilitiesHostNUMAInitReal: Bring variables into loop
Some variables are needed only inside for() loop. They were
declared at the beginning of the function because of VIR_FREE()
calls, but since they are auto-freed they can be declared inside
the loop.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-05-10 15:16:35 +02:00
Michal Privoznik
3bab9ce34f virCapabilitiesHostNUMAInitReal: Use g_auto* where possible
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-05-10 15:16:27 +02:00
Michal Privoznik
83253ff091 virCapabilitiesHostNUMAAddCell: Take double pointer
What this function really does it takes ownership of all pointers
passed (well, except for the first one - caps - to which it
registers new NUMA node). But since all info is passed as a
single pointer it's hard to tell (and use g_auto*). Let's use
double pointers to make the ownership transfer obvious.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-05-10 15:16:25 +02:00
Michal Privoznik
26a24a702c virCapabilitiesHostNUMAInitReal: Free @cpus properly
The @cpus variable is an array of structs in which each item
contains a virBitmap member. As such it is not enough to just
VIR_FREE() the array - each bitmap has to be freed too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-05-10 15:16:23 +02:00
Michal Privoznik
c2137a901c virCapabilitiesHostNUMAFormat: Swap order of arguments
The rest of virCapabilities format functions take virBuffer as
the first argument and struct to format as the second. Also, they
accept NULL (as the second argument). Fix
virCapabilitiesHostNUMAFormat() so that it follows this logic.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-05-10 15:16:13 +02:00
Michal Privoznik
4ce1106277 securityselinuxhelper: Fix retval of setcon_raw() and security_disable()
The securityselinuxhelper is a mock that's replacing libselinux
APIs with our own implementation to achieve deterministic
results. Our implementation uses env vars (among other things) to
hold internal state. For instance, "FAKE_SELINUX_CONTEXT" and
"FAKE_SELINUX_DISABLED" variables are used. However, as we were
switching from setenv() to g_setenv() we also changed the set of
possible retvals from setcon_raw() and security_disable().
Previously, the retval of setenv() was used directly which
returns 0 on success and -1 on error. But g_setenv() has
different retval semantics: it returns 1 on success and 0 on
error.

This discrepancy can be observed by running viridentitytest where
case #2 reports an error ("!") - because setcon_raw() returns 1.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-05-10 13:32:43 +02:00
Tim Wiederhake
d1873e03b4 cpu-data.py: Automatically adjust command line for kcpuid
kcpuid does not have a "-1" flag.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-07 18:02:48 +02:00
Tim Wiederhake
95a89ed012 cpu-data.py: Parse kcpuid output
Linux 5.13 introduces "kcpuid", a tool similar to "cpuid", see
https://lore.kernel.org/lkml/1614928878-86075-1-git-send-email-feng.tang@intel.com/

Output formats of cpuid and kcpuid differ slightly. This adds support
for the latter.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-07 17:14:53 +02:00
Tim Wiederhake
5a175b2ddc cpu-data.py: Factor out cpuid parsing
Preparation for next patch.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-07 17:13:35 +02:00
Michal Privoznik
d2a506eb67 virthread: Make sure virOnce() returns -1 on error
Since its introduction in v0.9.1~65 the virOnce() was expected to
follow the usual retval logic (0 for success, a negative number
for failure). However, that was never the case.

On the other hand, looking into glibc and musl the pthread_once()
never returns anything other than zero (uclibc-ng seems to not
implement pthread_once()), therefore we never really hit any
problem. But for code cleanliness (and to match POSIX
documentation), let's change to code so that our retval logic is
honoured.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-05-07 12:33:58 +02:00
Peter Krempa
1764b305e6 virXMLPropEnum: Always initialize '@result'
Compilers aren't able to see whether @result is set or not and thus
don't warn of a potential use of uninitialized value. Always set @result
to prevent uninitialized use.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-07 10:06:19 +02:00
Peter Krempa
e06c6fdbdc conf: domain: Convert virXMLPropEnum to virXMLPropEnumDefault where we set defaults
There are few cases where we set a default value when using
virXMLPropEnum which can be converted to virXMLPropEnumDefault.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-05-07 10:06:18 +02:00