NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

Move the FIPS detection from capabilities

Browse Source 
We are not detecting the presence of FIPS from QEMU, but from procfs and
that means it's not QEMU capability. It was decided that we will pass
this flag to QEMU even if it's not supported by old QEMU binaries.

This patch also reverts changes done by commit a21cfb0f to
qemucapabilitestest and implements a new test case in qemuxml2argvtest.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1135431

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
This commit is contained in:
Pavel Hrdina
2014-09-18 17:38:32 +02:00
parent ba7468dbb1
commit da7799d879
12 changed files with 89 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tests/qemucapabilitiesdata/caps_1.2.2-1.caps
View File

@@ -112,7 +112,6 @@
<flag name='usb-storage'/>
<flag name='usb-storage.removable'/>
<flag name='kvm-pit-lost-tick-policy'/>
<flag name='enable-fips'/>
<flag name='usb-kbd'/>
<flag name='host-pci-multidomain'/>
<flag name='usb-audio'/>

1
tests/qemucapabilitiesdata/caps_1.6.0-1.caps
View File

@@ -138,7 +138,6 @@
<flag name='boot-strict'/>
<flag name='pvpanic'/>
<flag name='reboot-timeout'/>
<flag name='enable-fips'/>
<flag name='spice-file-xfer-disable'/>
<flag name='spiceport'/>
<flag name='usb-kbd'/>

24
tests/qemucapabilitiestest.c
View File

@@ -31,7 +31,6 @@ typedef testQemuData *testQemuDataPtr;
struct _testQemuData {
virDomainXMLOptionPtr xmlopt;
const char *base;
bool fips;
};
static qemuMonitorTestPtr
@@ -143,12 +142,6 @@ testQemuCaps(const void *opaque)
qemuMonitorTestGetMonitor(mon)) < 0)
goto cleanup;
/* So that our test does not depend on the contents of /proc, we
* hoisted the setting of ENABLE_FIPS to virQEMUCapsInitQMP. But
* we do want to test the effect of that flag. */
if (data->fips)
virQEMUCapsSet(capsComputed, QEMU_CAPS_ENABLE_FIPS);
if (testQemuCapsCompare(capsProvided, capsComputed) < 0)
goto cleanup;
@@ -183,19 +176,18 @@ mymain(void)
data.xmlopt = xmlopt;
#define DO_TEST_FULL(name, use_fips) \
data.base = name; \
data.fips = use_fips; \
if (virtTestRun(name, testQemuCaps, &data) < 0) \
ret = -1
#define DO_TEST(name) \
do { \
data.base = name; \
if (virtTestRun(name, testQemuCaps, &data) < 0) \
ret = -1; \
} while (0)
#define DO_TEST(name) DO_TEST_FULL(name, false)
DO_TEST_FULL("caps_1.2.2-1", true);
DO_TEST("caps_1.2.2-1");
DO_TEST("caps_1.3.1-1");
DO_TEST("caps_1.4.2-1");
DO_TEST("caps_1.5.3-1");
DO_TEST_FULL("caps_1.6.0-1", true);
DO_TEST("caps_1.6.0-1");
DO_TEST("caps_1.6.50-1");
virObjectUnref(xmlopt);

6
tests/qemuxml2argvdata/qemuxml2argv-fips-enabled.args Normal file
View File

@@ -0,0 +1,6 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
/usr/bin/qemu \
-S -enable-fips -M pc -m 214 -smp 1 -nographic -monitor \
unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb \
-hda /dev/HostVG/QEMUGuest1 -net none -serial \
none -parallel none

25
tests/qemuxml2argvdata/qemuxml2argv-fips-enabled.xml Normal file
View File

@@ -0,0 +1,25 @@
<domain type='qemu'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
<currentMemory unit='KiB'>219100</currentMemory>
<vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu>
<os>
<type arch='i686' machine='pc'>hvm</type>
<boot dev='hd'/>
</os>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/bin/qemu</emulator>
<disk type='block' device='disk'>
<source dev='/dev/HostVG/QEMUGuest1'/>
<target dev='hda' bus='ide'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<controller type='ide' index='0'/>
<memballoon model='virtio'/>
</devices>
</domain>

9
tests/qemuxml2argvtest.c
View File

@@ -259,6 +259,7 @@ typedef enum {
FLAG_EXPECT_FAILURE = 1 << 1,
FLAG_EXPECT_PARSE_ERROR = 1 << 2,
FLAG_JSON = 1 << 3,
FLAG_FIPS = 1 << 4,
} virQemuXML2ArgvTestFlags;
static int testCompareXMLToArgvFiles(const char *xml,
@@ -360,7 +361,8 @@ static int testCompareXMLToArgvFiles(const char *xml,
(flags & FLAG_JSON), extraFlags,
migrateFrom, migrateFd, NULL,
VIR_NETDEV_VPORT_PROFILE_OP_NO_OP,
&testCallbacks, false))) {
&testCallbacks, false,
(flags & FLAG_FIPS)))) {
if (!virtTestOOMActive() &&
(flags & FLAG_EXPECT_FAILURE)) {
ret = 0;
@@ -443,6 +445,9 @@ testCompareXMLToArgvHelper(const void *data)
if (virQEMUCapsGet(info->extraFlags, QEMU_CAPS_MONITOR_JSON))
flags |= FLAG_JSON;
if (virQEMUCapsGet(info->extraFlags, QEMU_CAPS_ENABLE_FIPS))
flags |= FLAG_FIPS;
result = testCompareXMLToArgvFiles(xml, args, info->extraFlags,
info->migrateFrom, info->migrateFd,
flags);
@@ -1455,6 +1460,8 @@ mymain(void)
DO_TEST("panic", QEMU_CAPS_DEVICE_PANIC,
QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
DO_TEST("fips-enabled", QEMU_CAPS_ENABLE_FIPS);
virObjectUnref(driver.config);
virObjectUnref(driver.caps);
virObjectUnref(driver.xmlopt);

2
tests/qemuxmlnstest.c
View File

@@ -119,7 +119,7 @@ static int testCompareXMLToArgvFiles(const char *xml,
vmdef, &monitor_chr, json, extraFlags,
migrateFrom, migrateFd, NULL,
VIR_NETDEV_VPORT_PROFILE_OP_NO_OP,
&testCallbacks, false)))
&testCallbacks, false, false)))
goto fail;
if (!virtTestOOMActive()) {