Fix broken dominfo command when no security driver is implemented

73f34b31 · Daniel P. Berrange · 8ceac55c · 73f34b31 · 73f34b31 · 73f34b31
6 changed file
--- a/ChangeLog
+++ b/ChangeLog
+Thu Jun 25 10:32:22 BST 2009 Daniel P. Berrange <berrange@redhat.com>
+
+	Fix broken dominfo command when no security driver is implemented
+	* src/libvirt.c: Clarify semantics of return value for
+	virDomainGetSecurityLabel and virNodeGetSecurityModel
+	* src/remote_internal.c src/qemu_driver.c: memset seclabel
+	to zero
+	* src/virsh.c: Check VIR_ERR_NO_SUPPORT when querying security
+	labels in dominfo command.
+
 Wed Jun 24 19:40:43 CEST 2009 Daniel Veillard <veillard@redhat.com>

 	* po/*: update a lot of translations, and regenerate the po* files

--- a/po/bn_IN.po
+++ b/po/bn_IN.po
@@ -4042,7 +4042,7 @@ msgid "returned buffer is not same size as requested"
 msgstr "প্রাপ্ত বাফারের মাপ অনুরোধ করা মাপের সমান নয়"

 # comment from maintainer:
-# Peek is the operation of reading something in that context. 
+# Peek is the operation of reading something in that context.
 #: src/remote_internal.c:3225
 #, c-format
 msgid "memory peek request too large for remote protocol, %zi > %d"

--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -4386,11 +4386,11 @@ error:
 * @domain: a domain object
 * @seclabel: pointer to a virSecurityLabel structure
 *
- * Extract security label of an active domain.
+ * Extract security label of an active domain. The 'label' field
+ * in the @seclabel argument will be initialized to the empty
+ * string if the domain is not running under a security model.
 *
- * Returns 0 in case of success, -1 in case of failure, and -2
- * if the operation is not supported (caller decides if that's
- * an error).
+ * Returns 0 in case of success, -1 in case of failure
 */
 int
 virDomainGetSecurityLabel(virDomainPtr domain, virSecurityLabelPtr seclabel)
@@ -4421,10 +4421,11 @@ virDomainGetSecurityLabel(virDomainPtr domain, virSecurityLabelPtr seclabel)
 * @conn: a connection object
 * @secmodel: pointer to a virSecurityModel structure
 *
- * Extract the security model of a hypervisor.
+ * Extract the security model of a hypervisor. The 'model' field
+ * in the @secmodel argument may be initialized to the empty
+ * string if the driver has not activated a security model.
 *
- * Returns 0 in case of success, -1 in case of failure, and -2 if the
- * operation is not supported (caller decides if that's an error).
+ * Returns 0 in case of success, -1 in case of failure
 */
 int
 virNodeGetSecurityModel(virConnectPtr conn, virSecurityModelPtr secmodel)

--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
@@ -3070,6 +3070,8 @@ static int qemudDomainGetSecurityLabel(virDomainPtr dom, virSecurityLabelPtr sec
    qemuDriverLock(driver);
    vm = virDomainFindByUUID(&driver->domains, dom->uuid);

+    memset(seclabel, 0, sizeof(*seclabel));
+
    if (!vm) {
        char uuidstr[VIR_UUID_STRING_BUFLEN];
        virUUIDFormat(dom->uuid, uuidstr);
@@ -3127,7 +3129,7 @@ static int qemudNodeGetSecurityModel(virConnectPtr conn,

    qemuDriverLock(driver);
    if (!driver->securityDriver) {
-        ret = -2;
+        memset(secmodel, 0, sizeof (*secmodel));
        goto cleanup;
    }


--- a/src/remote_internal.c
+++ b/src/remote_internal.c
@@ -2323,6 +2323,8 @@ remoteDomainGetSecurityLabel (virDomainPtr domain, virSecurityLabelPtr seclabel)

    make_nonnull_domain (&args.dom, domain);
    memset (&ret, 0, sizeof ret);
+    memset (seclabel, 0, sizeof (*seclabel));
+
    if (call (domain->conn, priv, 0, REMOTE_PROC_DOMAIN_GET_SECURITY_LABEL,
              (xdrproc_t) xdr_remote_domain_get_security_label_args, (char *)&args,
              (xdrproc_t) xdr_remote_domain_get_security_label_ret, (char *)&ret) == -1) {
@@ -2356,6 +2358,8 @@ remoteNodeGetSecurityModel (virConnectPtr conn, virSecurityModelPtr secmodel)
    remoteDriverLock(priv);

    memset (&ret, 0, sizeof ret);
+    memset (secmodel, 0, sizeof (*secmodel));
+
    if (call (conn, priv, 0, REMOTE_PROC_NODE_GET_SECURITY_MODEL,
              (xdrproc_t) xdr_void, NULL,
              (xdrproc_t) xdr_remote_node_get_security_model_ret, (char *)&ret) == -1) {

--- a/src/virsh.c
+++ b/src/virsh.c
@@ -1643,8 +1643,10 @@ cmdDominfo(vshControl *ctl, const vshCmd *cmd)
    /* Security model and label information */
    memset(&secmodel, 0, sizeof secmodel);
    if (virNodeGetSecurityModel(ctl->conn, &secmodel) == -1) {
-        virDomainFree(dom);
-        return FALSE;
+        if (last_error->code != VIR_ERR_NO_SUPPORT) {
+            virDomainFree(dom);
+            return FALSE;
+        }
    } else {
        /* Only print something if a security model is active */
        if (secmodel.model[0] != '\0') {