qemu: Forbid slashes in shmem name

With that users could access files outside /dev/shm.  That itself
isn't a security problem, but might cause some errors we want to
avoid.  So let's forbid slashes as we do with domain and volume names
and also mention that in the schema.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1395496Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

docs/schemas/domaincommon.rng

@@ -3633,7 +3633,11 @@
 
   <define name="shmem">
     <element name="shmem">
-      <attribute name="name"/>
+      <attribute name="name">
+        <data type="string">
+          <param name="pattern">[^/]*</param>
+        </data>
+      </attribute>
       <interleave>
         <optional>
           <element name="model">

src/qemu/qemu_process.c

@@ -4589,6 +4589,25 @@ qemuProcessStartValidateIOThreads(virDomainObjPtr vm,
 }
 
 
+qemuProcessStartValidateShmem(virDomainObjPtr vm)
+{
+    size_t i;
+
+    for (i = 0; i < vm->def->nshmems; i++) {
+        virDomainShmemDefPtr shmem = vm->def->shmems[i];
+
+        if (strchr(shmem->name, '/')) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("shmem name '%s' must not contain '/'"),
+                           shmem->name);
+            return -1;
+        }
+    }
+
+    return 0;
+}
+
+
 static int
 qemuProcessStartValidateXML(virQEMUDriverPtr driver,
                             virDomainObjPtr vm,
@@ -4668,6 +4687,9 @@ qemuProcessStartValidate(virQEMUDriverPtr driver,
     if (qemuProcessStartValidateIOThreads(vm, qemuCaps) < 0)
         return -1;
 
+    if (qemuProcessStartValidateShmem(vm) < 0)
+        return -1;
+
     VIR_DEBUG("Checking for any possible (non-fatal) issues");
 
     qemuProcessStartWarnShmem(vm);