forked from pool/libvirt-glib
3651701c83
- secmodel-caps.patch patch accepted upstream, renamed into 0b4d331b-secmodel-caps.patch with upstream changes OBS-URL: https://build.opensuse.org/request/show/238634 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt-glib?expand=0&rev=36
325 lines
14 KiB
Diff
325 lines
14 KiB
Diff
From 0b4d331b24f3b36d61e24e8cea62971d28855ff8 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
|
|
Date: Thu, 12 Jun 2014 10:50:50 +0200
|
|
Subject: [PATCH] Add API to get security models from host capabilities
|
|
|
|
---
|
|
libvirt-gconfig/Makefile.am | 2 +
|
|
.../libvirt-gconfig-capabilities-host-secmodel.c | 62 +++++++++++++++++++
|
|
.../libvirt-gconfig-capabilities-host-secmodel.h | 69 ++++++++++++++++++++++
|
|
.../libvirt-gconfig-capabilities-host.c | 60 +++++++++++++++++++
|
|
.../libvirt-gconfig-capabilities-host.h | 3 +
|
|
libvirt-gconfig/libvirt-gconfig.h | 1 +
|
|
libvirt-gconfig/libvirt-gconfig.sym | 6 ++
|
|
libvirt-gconfig/tests/test-capabilities-parse.c | 15 ++++-
|
|
libvirt-gconfig/tests/test-capabilities-parse.xml | 4 ++
|
|
9 files changed, 221 insertions(+), 1 deletion(-)
|
|
create mode 100644 libvirt-gconfig/libvirt-gconfig-capabilities-host-secmodel.c
|
|
create mode 100644 libvirt-gconfig/libvirt-gconfig-capabilities-host-secmodel.h
|
|
|
|
Index: libvirt-glib-0.1.8/libvirt-gconfig/Makefile.am
|
|
===================================================================
|
|
--- libvirt-glib-0.1.8.orig/libvirt-gconfig/Makefile.am
|
|
+++ libvirt-glib-0.1.8/libvirt-gconfig/Makefile.am
|
|
@@ -20,6 +20,7 @@ GCONFIG_HEADER_FILES = \
|
|
libvirt-gconfig-capabilities-guest-arch.h \
|
|
libvirt-gconfig-capabilities-guest-domain.h \
|
|
libvirt-gconfig-capabilities-guest-feature.h \
|
|
+ libvirt-gconfig-capabilities-host-secmodel.h \
|
|
libvirt-gconfig-domain.h \
|
|
libvirt-gconfig-domain-address.h \
|
|
libvirt-gconfig-domain-address-pci.h \
|
|
@@ -106,6 +107,7 @@ GCONFIG_SOURCE_FILES = \
|
|
libvirt-gconfig-capabilities-guest-arch.c \
|
|
libvirt-gconfig-capabilities-guest-domain.c \
|
|
libvirt-gconfig-capabilities-guest-feature.c \
|
|
+ libvirt-gconfig-capabilities-host-secmodel.c \
|
|
libvirt-gconfig-domain.c \
|
|
libvirt-gconfig-domain-address.c \
|
|
libvirt-gconfig-domain-address-pci.c \
|
|
Index: libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig-capabilities-host-secmodel.c
|
|
===================================================================
|
|
--- /dev/null
|
|
+++ libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig-capabilities-host-secmodel.c
|
|
@@ -0,0 +1,62 @@
|
|
+/*
|
|
+ * libvirt-gconfig-capabilities-host-secmodel.c: libvirt security model capabilities
|
|
+ *
|
|
+ * Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
+ *
|
|
+ * This library is free software; you can redistribute it and/or
|
|
+ * modify it under the terms of the GNU Lesser General Public
|
|
+ * License as published by the Free Software Foundation; either
|
|
+ * version 2.1 of the License, or (at your option) any later version.
|
|
+ *
|
|
+ * This library is distributed in the hope that it will be useful,
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
+ * Lesser General Public License for more details.
|
|
+ *
|
|
+ * You should have received a copy of the GNU Lesser General Public
|
|
+ * License along with this library. If not, see
|
|
+ * <http://www.gnu.org/licenses/>.
|
|
+ *
|
|
+ * Authors: Cédric Bosdonnat <cbosdonnat@suse.com>
|
|
+ */
|
|
+
|
|
+#include <config.h>
|
|
+
|
|
+#include "libvirt-gconfig/libvirt-gconfig.h"
|
|
+#include "libvirt-gconfig/libvirt-gconfig-private.h"
|
|
+
|
|
+#define GVIR_CONFIG_CAPABILITIES_HOST_SECMODEL_GET_PRIVATE(obj) \
|
|
+ (G_TYPE_INSTANCE_GET_PRIVATE((obj), GVIR_CONFIG_TYPE_CAPABILITIES_HOST_SECMODEL, GVirConfigCapabilitiesHostSecModelPrivate))
|
|
+
|
|
+struct _GVirConfigCapabilitiesHostSecModelPrivate
|
|
+{
|
|
+ gboolean unused;
|
|
+};
|
|
+
|
|
+G_DEFINE_TYPE(GVirConfigCapabilitiesHostSecModel, gvir_config_capabilities_host_secmodel, GVIR_CONFIG_TYPE_OBJECT);
|
|
+
|
|
+static void gvir_config_capabilities_host_secmodel_class_init(GVirConfigCapabilitiesHostSecModelClass *klass)
|
|
+{
|
|
+ g_type_class_add_private(klass, sizeof(GVirConfigCapabilitiesHostSecModelPrivate));
|
|
+}
|
|
+
|
|
+static void gvir_config_capabilities_host_secmodel_init(GVirConfigCapabilitiesHostSecModel *secmodel)
|
|
+{
|
|
+ g_debug("Init GVirConfigCapabilitiesHostSecModel=%p", secmodel);
|
|
+
|
|
+ secmodel->priv = GVIR_CONFIG_CAPABILITIES_HOST_SECMODEL_GET_PRIVATE(secmodel);
|
|
+}
|
|
+
|
|
+const gchar *
|
|
+gvir_config_capabilities_host_secmodel_get_model(GVirConfigCapabilitiesHostSecModel *secmodel)
|
|
+{
|
|
+ return gvir_config_object_get_node_content(GVIR_CONFIG_OBJECT(secmodel),
|
|
+ "model");
|
|
+}
|
|
+
|
|
+const gchar *
|
|
+gvir_config_capabilities_host_secmodel_get_doi(GVirConfigCapabilitiesHostSecModel *secmodel)
|
|
+{
|
|
+ return gvir_config_object_get_node_content(GVIR_CONFIG_OBJECT(secmodel),
|
|
+ "doi");
|
|
+}
|
|
Index: libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig-capabilities-host-secmodel.h
|
|
===================================================================
|
|
--- /dev/null
|
|
+++ libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig-capabilities-host-secmodel.h
|
|
@@ -0,0 +1,69 @@
|
|
+/*
|
|
+ * libvirt-gconfig-capabilities-host-secmodel.h: libvirt security model capabilities
|
|
+ *
|
|
+ * Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
+ *
|
|
+ * This library is free software; you can redistribute it and/or
|
|
+ * modify it under the terms of the GNU Lesser General Public
|
|
+ * License as published by the Free Software Foundation; either
|
|
+ * version 2.1 of the License, or (at your option) any later version.
|
|
+ *
|
|
+ * This library is distributed in the hope that it will be useful,
|
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
+ * Lesser General Public License for more details.
|
|
+ *
|
|
+ * You should have received a copy of the GNU Lesser General Public
|
|
+ * License along with this library. If not, see
|
|
+ * <http://www.gnu.org/licenses/>.
|
|
+ *
|
|
+ * Authors: Cédric Bosdonnat <cbosdonnat@suse.com>
|
|
+ */
|
|
+
|
|
+#if !defined(__LIBVIRT_GCONFIG_H__) && !defined(LIBVIRT_GCONFIG_BUILD)
|
|
+#error "Only <libvirt-gconfig/libvirt-gconfig.h> can be included directly."
|
|
+#endif
|
|
+
|
|
+#ifndef __LIBVIRT_GCONFIG_CAPABILITIES_HOST_SECMODEL_H__
|
|
+#define __LIBVIRT_GCONFIG_CAPABILITIES_HOST_SECMODEL_H__
|
|
+
|
|
+G_BEGIN_DECLS
|
|
+
|
|
+#define GVIR_CONFIG_TYPE_CAPABILITIES_HOST_SECMODEL (gvir_config_capabilities_host_secmodel_get_type ())
|
|
+#define GVIR_CONFIG_CAPABILITIES_HOST_SECMODEL(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GVIR_CONFIG_TYPE_CAPABILITIES_HOST_SECMODEL, GVirConfigCapabilitiesHostSecModel))
|
|
+#define GVIR_CONFIG_CAPABILITIES_HOST_SECMODEL_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GVIR_CONFIG_TYPE_CAPABILITIES_HOST_SECMODEL, GVirConfigCapabilitiesHostSecModelClass))
|
|
+#define GVIR_CONFIG_IS_CAPABILITIES_HOST_SECMODEL(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GVIR_CONFIG_TYPE_CAPABILITIES_HOST_SECMODEL))
|
|
+#define GVIR_CONFIG_IS_CAPABILITIES_HOST_SECMODEL_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GVIR_CONFIG_TYPE_CAPABILITIES_HOST_SECMODEL))
|
|
+#define GVIR_CONFIG_CAPABILITIES_HOST_SECMODEL_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), GVIR_CONFIG_TYPE_CAPABILITIES_HOST_SECMODEL, GVirConfigCapabilitiesHostSecModelClass))
|
|
+
|
|
+typedef struct _GVirConfigCapabilitiesHostSecModel GVirConfigCapabilitiesHostSecModel;
|
|
+typedef struct _GVirConfigCapabilitiesHostSecModelPrivate GVirConfigCapabilitiesHostSecModelPrivate;
|
|
+typedef struct _GVirConfigCapabilitiesHostSecModelClass GVirConfigCapabilitiesHostSecModelClass;
|
|
+
|
|
+struct _GVirConfigCapabilitiesHostSecModel
|
|
+{
|
|
+ GVirConfigObject parent;
|
|
+
|
|
+ GVirConfigCapabilitiesHostSecModelPrivate *priv;
|
|
+
|
|
+ /* Do not add fields to this struct */
|
|
+};
|
|
+
|
|
+struct _GVirConfigCapabilitiesHostSecModelClass
|
|
+{
|
|
+ GVirConfigObjectClass parent_class;
|
|
+
|
|
+ gpointer padding[20];
|
|
+};
|
|
+
|
|
+GType gvir_config_capabilities_host_secmodel_get_type(void);
|
|
+
|
|
+const gchar *
|
|
+gvir_config_capabilities_host_secmodel_get_model(GVirConfigCapabilitiesHostSecModel *secmodel);
|
|
+
|
|
+const gchar *
|
|
+gvir_config_capabilities_host_secmodel_get_doi(GVirConfigCapabilitiesHostSecModel *secmodel);
|
|
+
|
|
+G_END_DECLS
|
|
+
|
|
+#endif /* __LIBVIRT_GCONFIG_CAPABILITIES_HOST_SECMODEL_H__ */
|
|
Index: libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig-capabilities-host.c
|
|
===================================================================
|
|
--- libvirt-glib-0.1.8.orig/libvirt-gconfig/libvirt-gconfig-capabilities-host.c
|
|
+++ libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig-capabilities-host.c
|
|
@@ -77,3 +77,63 @@ gvir_config_capabilities_host_get_cpu(GV
|
|
|
|
return GVIR_CONFIG_CAPABILITIES_CPU(object);
|
|
}
|
|
+
|
|
+struct GetSecModelData {
|
|
+ GVirConfigXmlDoc *doc;
|
|
+ const gchar *schema;
|
|
+ GList *secmodels;
|
|
+ GType type;
|
|
+};
|
|
+
|
|
+static gboolean add_secmodel(xmlNodePtr node, gpointer opaque)
|
|
+{
|
|
+ struct GetSecModelData* data = (struct GetSecModelData*)opaque;
|
|
+ GVirConfigObject *secmodel;
|
|
+
|
|
+ if (g_strcmp0((const gchar *)node->name, "secmodel") != 0)
|
|
+ return TRUE;
|
|
+
|
|
+ secmodel = gvir_config_object_new_from_tree
|
|
+ (data->type,
|
|
+ data->doc,
|
|
+ data->schema,
|
|
+ node);
|
|
+ if (secmodel != NULL)
|
|
+ data->secmodels = g_list_append(data->secmodels, secmodel);
|
|
+ else
|
|
+ g_debug("Failed to parse %s node", node->name);
|
|
+
|
|
+ return TRUE;
|
|
+}
|
|
+
|
|
+/**
|
|
+ * gvir_config_capabilities_host_get_secmodels:
|
|
+ * @host: a #GVirConfigCapabilitiesHost
|
|
+ *
|
|
+ * Get the security models listed in @host capabilities.
|
|
+ *
|
|
+ * Returns: (element-type LibvirtGConfig.CapabilitiesHostSecModel) (transfer full):
|
|
+ * a newly allocated #GList of #GVirConfigCapabilitiesHostSecModel.
|
|
+ */
|
|
+GList *
|
|
+gvir_config_capabilities_host_get_secmodels(GVirConfigCapabilitiesHost *host)
|
|
+{
|
|
+ struct GetSecModelData data;
|
|
+
|
|
+ g_return_val_if_fail(GVIR_CONFIG_IS_CAPABILITIES_HOST(host), NULL);
|
|
+
|
|
+ data.schema = gvir_config_object_get_schema(GVIR_CONFIG_OBJECT(host));
|
|
+ g_object_get(G_OBJECT(host), "doc", &data.doc, NULL);
|
|
+ g_return_val_if_fail(data.doc != NULL, NULL);
|
|
+ data.secmodels = NULL;
|
|
+ data.type = GVIR_CONFIG_TYPE_CAPABILITIES_HOST_SECMODEL;
|
|
+
|
|
+ gvir_config_object_foreach_child(GVIR_CONFIG_OBJECT(host),
|
|
+ NULL,
|
|
+ add_secmodel,
|
|
+ &data);
|
|
+
|
|
+ g_clear_object(&data.doc);
|
|
+
|
|
+ return data.secmodels;
|
|
+}
|
|
Index: libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig-capabilities-host.h
|
|
===================================================================
|
|
--- libvirt-glib-0.1.8.orig/libvirt-gconfig/libvirt-gconfig-capabilities-host.h
|
|
+++ libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig-capabilities-host.h
|
|
@@ -67,6 +67,9 @@ gvir_config_capabilities_host_get_uuid(G
|
|
GVirConfigCapabilitiesCpu *
|
|
gvir_config_capabilities_host_get_cpu(GVirConfigCapabilitiesHost *host);
|
|
|
|
+GList *
|
|
+gvir_config_capabilities_host_get_secmodels(GVirConfigCapabilitiesHost *host);
|
|
+
|
|
G_END_DECLS
|
|
|
|
#endif /* __LIBVIRT_GCONFIG_CAPABILITIES_HOST_H__ */
|
|
Index: libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig.h
|
|
===================================================================
|
|
--- libvirt-glib-0.1.8.orig/libvirt-gconfig/libvirt-gconfig.h
|
|
+++ libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig.h
|
|
@@ -37,6 +37,7 @@
|
|
#include <libvirt-gconfig/libvirt-gconfig-capabilities-guest-domain.h>
|
|
#include <libvirt-gconfig/libvirt-gconfig-capabilities-guest-feature.h>
|
|
#include <libvirt-gconfig/libvirt-gconfig-capabilities-host.h>
|
|
+#include <libvirt-gconfig/libvirt-gconfig-capabilities-host-secmodel.h>
|
|
#include <libvirt-gconfig/libvirt-gconfig-domain.h>
|
|
#include <libvirt-gconfig/libvirt-gconfig-domain-address.h>
|
|
#include <libvirt-gconfig/libvirt-gconfig-domain-address-pci.h>
|
|
Index: libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig.sym
|
|
===================================================================
|
|
--- libvirt-glib-0.1.8.orig/libvirt-gconfig/libvirt-gconfig.sym
|
|
+++ libvirt-glib-0.1.8/libvirt-gconfig/libvirt-gconfig.sym
|
|
@@ -614,6 +614,12 @@ LIBVIRT_GCONFIG_0.1.7 {
|
|
|
|
LIBVIRT_GCONFIG_0.1.8 {
|
|
global:
|
|
+ gvir_config_capabilities_host_get_secmodels;
|
|
+
|
|
+ gvir_config_capabilities_host_secmodel_get_doi;
|
|
+ gvir_config_capabilities_host_secmodel_get_model;
|
|
+ gvir_config_capabilities_host_secmodel_get_type;
|
|
+
|
|
gvir_config_domain_clock_get_offset;
|
|
gvir_config_domain_clock_get_timezone;
|
|
gvir_config_domain_clock_get_variable_offset;
|
|
Index: libvirt-glib-0.1.8/libvirt-gconfig/tests/test-capabilities-parse.c
|
|
===================================================================
|
|
--- libvirt-glib-0.1.8.orig/libvirt-gconfig/tests/test-capabilities-parse.c
|
|
+++ libvirt-glib-0.1.8/libvirt-gconfig/tests/test-capabilities-parse.c
|
|
@@ -35,7 +35,7 @@ static void verify_host_caps(GVirConfigC
|
|
{
|
|
GVirConfigCapabilitiesCpu *cpu_caps;
|
|
GVirConfigCapabilitiesCpuTopology *topology;
|
|
- GList *features, *iter;
|
|
+ GList *features, *iter, *secmodels;
|
|
const char *str;
|
|
|
|
g_assert(host_caps != NULL);
|
|
@@ -60,6 +60,19 @@ static void verify_host_caps(GVirConfigC
|
|
g_assert(gvir_config_capabilities_cpu_topology_get_threads(topology) == 2);
|
|
g_object_unref(G_OBJECT(topology));
|
|
g_object_unref(G_OBJECT(cpu_caps));
|
|
+
|
|
+ secmodels = gvir_config_capabilities_host_get_secmodels(host_caps);
|
|
+ g_assert(g_list_length(secmodels) == 2);
|
|
+ for (iter = secmodels; iter != NULL; iter = iter->next) {
|
|
+ GVirConfigCapabilitiesHostSecModel *secmodel;
|
|
+
|
|
+ g_assert(iter->data != NULL);
|
|
+ secmodel = GVIR_CONFIG_CAPABILITIES_HOST_SECMODEL(iter->data);
|
|
+ g_assert(gvir_config_capabilities_host_secmodel_get_model(secmodel) != NULL);
|
|
+ g_assert(gvir_config_capabilities_host_secmodel_get_doi(secmodel) != NULL);
|
|
+ g_object_unref(G_OBJECT(iter->data));
|
|
+ }
|
|
+ g_list_free(secmodels);
|
|
}
|
|
|
|
static void verify_guest_caps(GVirConfigCapabilitiesGuest *guest_caps)
|