[libvirt] [PATCH v2 2/4] libvirt: conf: parse XML for protected key management ops
John Ferlan
jferlan at redhat.com
Mon May 18 12:40:35 UTC 2015
On 05/15/2015 10:43 AM, Michal Privoznik wrote:
...
Coverity complaint...
> +static int
> +virDomainKeyWrapDefParseXML(virDomainDefPtr def, xmlXPathContextPtr ctxt)
> +{
> + size_t i;
> + int ret = -1;
> + xmlNodePtr *nodes = NULL;
> + int n;
> +
> + if (!(n = virXPathNodeSet("./keywrap/cipher", ctxt, &nodes)))
Can return a negative number...
> + return 0;
> +
> + if (VIR_ALLOC(def->keywrap) < 0)
> + goto cleanup;
> +
> + for (i = 0; i < n; i++) {
Causing this loop to run for a long time.
I'll append something to my current on-list Coverity patches to resolve it.
John
> + if (virDomainKeyWrapCipherDefParseXML(def->keywrap, nodes[i], ctxt) < 0)
> + goto cleanup;
> + }
> +
> + if (!def->keywrap->aes &&
> + !def->keywrap->dea)
> + VIR_FREE(def->keywrap);
> +
> + ret = 0;
> +
> + cleanup:
> + if (ret < 0)
> + VIR_FREE(def->keywrap);
> + VIR_FREE(nodes);
> + return ret;
> +}
> +
>
> /**
> * virDomainXMLOptionNew:
> @@ -2361,6 +2491,8 @@ void virDomainDefFree(virDomainDefPtr def)
> virDomainShmemDefFree(def->shmems[i]);
> VIR_FREE(def->shmems);
>
> + VIR_FREE(def->keywrap);
> +
> if (def->namespaceData && def->ns.free)
> (def->ns.free)(def->namespaceData);
>
> @@ -15535,6 +15667,9 @@ virDomainDefParseXML(xmlDocPtr xml,
> VIR_FREE(tmp);
> }
>
> + if (virDomainKeyWrapDefParseXML(def, ctxt) < 0)
> + goto error;
> +
> /* Extract custom metadata */
> if ((node = virXPathNode("./metadata[1]", ctxt)) != NULL)
> def->metadata = xmlCopyNode(node, 1);
> @@ -20588,6 +20723,24 @@ virDomainLoaderDefFormat(virBufferPtr buf,
> }
> }
>
> +static void
> +virDomainKeyWrapDefFormat(virBufferPtr buf, virDomainKeyWrapDefPtr keywrap)
> +{
> + virBufferAddLit(buf, "<keywrap>\n");
> + virBufferAdjustIndent(buf, 2);
> +
> + if (keywrap->aes)
> + virBufferAsprintf(buf, "<cipher name='aes' state='%s'/>\n",
> + virTristateSwitchTypeToString(keywrap->aes));
> +
> + if (keywrap->dea)
> + virBufferAsprintf(buf, "<cipher name='dea' state='%s'/>\n",
> + virTristateSwitchTypeToString(keywrap->dea));
> +
> + virBufferAdjustIndent(buf, -2);
> + virBufferAddLit(buf, "</keywrap>\n");
> +}
> +
> static bool
> virDomainDefHasCapabilitiesFeatures(virDomainDefPtr def)
> {
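Review bot: In virDomainKeyWrapDefFormat the tests `if (keywrap->aes)` and `if (keywrap->dea)` rely on the absent tristate value being zero, which this hunk does not show; an explicit comparison such as `if (keywrap->aes != VIR_TRISTATE_SWITCH_ABSENT)` would make the intent visible. The function dereferences keywrap unconditionally and only the call site in virDomainDefFormatInternal checks for NULL, so a header comment like `/* Format the <keywrap> element; caller must pass a non-NULL keywrap. Ciphers left absent are omitted. */` would record that contract. When both fields are absent it still writes an empty `<keywrap>` element, which the parser quoted earlier frees on re-read, so an early return for that case would keep the format/parse round trip symmetric.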
> @@ -21490,6 +21643,9 @@ virDomainDefFormatInternal(virDomainDefPtr def,
> goto error;
> }
>
> + if (def->keywrap)
> + virDomainKeyWrapDefFormat(buf, def->keywrap);
> +
> virBufferAdjustIndent(buf, -2);
> virBufferAddLit(buf, "</domain>\n");
>
> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index 8312c20..7b29008 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -2119,6 +2119,13 @@ struct _virDomainPowerManagement {
> int s4;
> };
>
> +typedef struct _virDomainKeyWrapDef virDomainKeyWrapDef;
> +typedef virDomainKeyWrapDef *virDomainKeyWrapDefPtr;
> +struct _virDomainKeyWrapDef {
> + int aes; /* enum virTristateSwitch */
> + int dea; /* enum virTristateSwitch */
> +};
> +
> /*
> * Guest VM main configuration
> *
> @@ -2255,6 +2262,8 @@ struct _virDomainDef {
> void *namespaceData;
> virDomainXMLNamespace ns;
>
> + virDomainKeyWrapDefPtr keywrap;
> +
> /* Application-specific custom metadata */
> xmlNodePtr metadata;
> };
> @@ -2264,6 +2273,13 @@ void virDomainDefSetMemoryInitial(virDomainDefPtr def, unsigned long long size);
> unsigned long long virDomainDefGetMemoryActual(virDomainDefPtr def);
>
> typedef enum {
> + VIR_DOMAIN_KEY_WRAP_CIPHER_NAME_AES,
> + VIR_DOMAIN_KEY_WRAP_CIPHER_NAME_DEA,
> +
> + VIR_DOMAIN_KEY_WRAP_CIPHER_NAME_LAST
> +} virDomainKeyWrapCipherName;
> +
> +typedef enum {
> VIR_DOMAIN_TAINT_CUSTOM_ARGV, /* Custom ARGV passthrough from XML */
> VIR_DOMAIN_TAINT_CUSTOM_MONITOR, /* Custom monitor commands issued */
> VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, /* Running with undesirably high privileges */
> @@ -2951,6 +2967,7 @@ VIR_ENUM_DECL(virDomainChrTcpProtocol)
> VIR_ENUM_DECL(virDomainChrSpicevmc)
> VIR_ENUM_DECL(virDomainSoundCodec)
> VIR_ENUM_DECL(virDomainSoundModel)
> +VIR_ENUM_DECL(virDomainKeyWrapCipherName)
> VIR_ENUM_DECL(virDomainMemballoonModel)
> VIR_ENUM_DECL(virDomainSmbiosMode)
> VIR_ENUM_DECL(virDomainWatchdogModel)
> diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
> index f80fc70..afd0cb6 100644
> --- a/src/libvirt_private.syms
> +++ b/src/libvirt_private.syms
> @@ -329,6 +329,8 @@ virDomainIOThreadIDDefFree;
> virDomainIOThreadIDDel;
> virDomainIOThreadIDFind;
> virDomainIOThreadSchedDelId;
> +virDomainKeyWrapCipherNameTypeFromString;
> +virDomainKeyWrapCipherNameTypeToString;
> virDomainLeaseDefFree;
> virDomainLeaseIndex;
> virDomainLeaseInsert;
>