mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 17:34:18 +03:00
qemuxml2argvtest: Sanitize testing of '-enable-fips'
Rename 'FLAG_FIPS' to 'FLAG_FIPS_HOST' to signify that we are simulating a host supporting fips mode and use the flag to assert 'enabeFips' argument of 'qemuProcessCreatePretendCmdBuild' rather than passing it via QEMU_CAPS_ENABLE_FIPS. This prepares the testsuite for testing of -enable-fips deprecation in qemu-5.2. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
parent
25cb07498e
commit
ca8f7b8a02
@ -1,31 +0,0 @@
|
||||
LC_ALL=C \
|
||||
PATH=/bin \
|
||||
HOME=/tmp/lib/domain--1-QEMUGuest1 \
|
||||
USER=test \
|
||||
LOGNAME=test \
|
||||
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
|
||||
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
|
||||
XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
|
||||
QEMU_AUDIO_DRV=none \
|
||||
/usr/bin/qemu-system-i386 \
|
||||
-name QEMUGuest1 \
|
||||
-S \
|
||||
-enable-fips \
|
||||
-machine pc,accel=tcg,usb=off,dump-guest-core=off \
|
||||
-m 214 \
|
||||
-realtime mlock=off \
|
||||
-smp 1,sockets=1,cores=1,threads=1 \
|
||||
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
|
||||
-display none \
|
||||
-no-user-config \
|
||||
-nodefaults \
|
||||
-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,\
|
||||
server,nowait \
|
||||
-mon chardev=charmonitor,id=monitor,mode=control \
|
||||
-rtc base=utc \
|
||||
-no-shutdown \
|
||||
-no-acpi \
|
||||
-usb \
|
||||
-drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \
|
||||
-device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \
|
||||
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3
|
40
tests/qemuxml2argvdata/fips-enabled.x86_64-5.1.0.args
Normal file
40
tests/qemuxml2argvdata/fips-enabled.x86_64-5.1.0.args
Normal file
@ -0,0 +1,40 @@
|
||||
LC_ALL=C \
|
||||
PATH=/bin \
|
||||
HOME=/tmp/lib/domain--1-QEMUGuest1 \
|
||||
USER=test \
|
||||
LOGNAME=test \
|
||||
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
|
||||
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
|
||||
XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
|
||||
QEMU_AUDIO_DRV=none \
|
||||
/usr/bin/qemu-system-i386 \
|
||||
-name guest=QEMUGuest1,debug-threads=on \
|
||||
-S \
|
||||
-object secret,id=masterKey0,format=raw,\
|
||||
file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
|
||||
-enable-fips \
|
||||
-machine pc-i440fx-5.1,accel=tcg,usb=off,dump-guest-core=off \
|
||||
-cpu qemu64 \
|
||||
-m 214 \
|
||||
-overcommit mem-lock=off \
|
||||
-smp 1,sockets=1,cores=1,threads=1 \
|
||||
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
|
||||
-display none \
|
||||
-no-user-config \
|
||||
-nodefaults \
|
||||
-chardev socket,id=charmonitor,fd=1729,server,nowait \
|
||||
-mon chardev=charmonitor,id=monitor,mode=control \
|
||||
-rtc base=utc \
|
||||
-no-shutdown \
|
||||
-no-acpi \
|
||||
-boot strict=on \
|
||||
-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
|
||||
-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1",\
|
||||
"node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}' \
|
||||
-blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw",\
|
||||
"file":"libvirt-1-storage"}' \
|
||||
-device ide-hd,bus=ide.0,unit=0,drive=libvirt-1-format,id=ide0-0-0,bootindex=1 \
|
||||
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x2 \
|
||||
-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,\
|
||||
resourcecontrol=deny \
|
||||
-msg timestamp=on
|
41
tests/qemuxml2argvdata/fips-enabled.x86_64-latest.args
Normal file
41
tests/qemuxml2argvdata/fips-enabled.x86_64-latest.args
Normal file
@ -0,0 +1,41 @@
|
||||
LC_ALL=C \
|
||||
PATH=/bin \
|
||||
HOME=/tmp/lib/domain--1-QEMUGuest1 \
|
||||
USER=test \
|
||||
LOGNAME=test \
|
||||
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
|
||||
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
|
||||
XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
|
||||
QEMU_AUDIO_DRV=none \
|
||||
/usr/bin/qemu-system-i386 \
|
||||
-name guest=QEMUGuest1,debug-threads=on \
|
||||
-S \
|
||||
-object secret,id=masterKey0,format=raw,\
|
||||
file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
|
||||
-enable-fips \
|
||||
-machine pc,accel=tcg,usb=off,dump-guest-core=off,memory-backend=pc.ram \
|
||||
-cpu qemu64 \
|
||||
-m 214 \
|
||||
-object memory-backend-ram,id=pc.ram,size=224395264 \
|
||||
-overcommit mem-lock=off \
|
||||
-smp 1,sockets=1,cores=1,threads=1 \
|
||||
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
|
||||
-display none \
|
||||
-no-user-config \
|
||||
-nodefaults \
|
||||
-chardev socket,id=charmonitor,fd=1729,server,nowait \
|
||||
-mon chardev=charmonitor,id=monitor,mode=control \
|
||||
-rtc base=utc \
|
||||
-no-shutdown \
|
||||
-no-acpi \
|
||||
-boot strict=on \
|
||||
-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
|
||||
-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1",\
|
||||
"node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}' \
|
||||
-blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw",\
|
||||
"file":"libvirt-1-storage"}' \
|
||||
-device ide-hd,bus=ide.0,unit=0,drive=libvirt-1-format,id=ide0-0-0,bootindex=1 \
|
||||
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x2 \
|
||||
-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,\
|
||||
resourcecontrol=deny \
|
||||
-msg timestamp=on
|
@ -380,7 +380,7 @@ testCheckExclusiveFlags(int flags)
|
||||
{
|
||||
virCheckFlags(FLAG_EXPECT_FAILURE |
|
||||
FLAG_EXPECT_PARSE_ERROR |
|
||||
FLAG_FIPS |
|
||||
FLAG_FIPS_HOST |
|
||||
FLAG_REAL_CAPS |
|
||||
FLAG_SKIP_LEGACY_CPUS |
|
||||
FLAG_SLIRP_HELPER |
|
||||
@ -399,6 +399,7 @@ testCompareXMLToArgvCreateArgs(virQEMUDriverPtr drv,
|
||||
unsigned int flags,
|
||||
bool jsonPropsValidation)
|
||||
{
|
||||
bool enableFips = !!(flags & FLAG_FIPS_HOST);
|
||||
size_t i;
|
||||
|
||||
if (qemuProcessCreatePretendCmdPrepare(drv, vm, migrateURI, false,
|
||||
@ -489,7 +490,7 @@ testCompareXMLToArgvCreateArgs(virQEMUDriverPtr drv,
|
||||
}
|
||||
|
||||
return qemuProcessCreatePretendCmdBuild(drv, vm, migrateURI,
|
||||
(flags & FLAG_FIPS), false,
|
||||
enableFips, false,
|
||||
jsonPropsValidation);
|
||||
}
|
||||
|
||||
@ -610,9 +611,6 @@ testCompareXMLToArgv(const void *data)
|
||||
virSetConnectSecret(conn);
|
||||
virSetConnectStorage(conn);
|
||||
|
||||
if (virQEMUCapsGet(info->qemuCaps, QEMU_CAPS_ENABLE_FIPS))
|
||||
flags |= FLAG_FIPS;
|
||||
|
||||
if (testCheckExclusiveFlags(info->flags) < 0)
|
||||
goto cleanup;
|
||||
|
||||
@ -2962,7 +2960,8 @@ mymain(void)
|
||||
DO_TEST("panic-no-address",
|
||||
QEMU_CAPS_DEVICE_PANIC);
|
||||
|
||||
DO_TEST("fips-enabled", QEMU_CAPS_ENABLE_FIPS);
|
||||
DO_TEST_CAPS_ARCH_VER_FULL("fips-enabled", "x86_64", "5.1.0", ARG_FLAGS, FLAG_FIPS_HOST);
|
||||
DO_TEST_CAPS_ARCH_LATEST_FULL("fips-enabled", "x86_64", ARG_FLAGS, FLAG_FIPS_HOST);
|
||||
|
||||
DO_TEST("shmem", QEMU_CAPS_DEVICE_IVSHMEM);
|
||||
DO_TEST("shmem-plain-doorbell", QEMU_CAPS_DEVICE_IVSHMEM,
|
||||
|
@ -48,7 +48,7 @@ typedef enum {
|
||||
typedef enum {
|
||||
FLAG_EXPECT_FAILURE = 1 << 0,
|
||||
FLAG_EXPECT_PARSE_ERROR = 1 << 1,
|
||||
FLAG_FIPS = 1 << 2,
|
||||
FLAG_FIPS_HOST = 1 << 2, /* simulate host with FIPS mode enabled */
|
||||
FLAG_REAL_CAPS = 1 << 3,
|
||||
FLAG_SKIP_LEGACY_CPUS = 1 << 4,
|
||||
FLAG_SLIRP_HELPER = 1 << 5,
|
||||
|
Loading…
Reference in New Issue
Block a user