qemu: Validate firmware blob configuration

There are recommendations and limitations to the name of the config blobs we need to follow [1]. We don't want users to change any value only add new blobs. This means, that the name must have "opt/" prefix and at the same time must not begin with "opt/ovmf" nor "opt/org.qemu" as these are reserved for OVMF or QEMU respectively. 1: docs/specs/fw_cfg.txt from qemu.git Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-02 16:38:05 +02:00 · 2020-06-02 16:38:05 +02:00 · b5f8f04989
parent 3dda889a44
commit b5f8f04989
1 changed files with 32 additions and 0 deletions
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@ -762,6 +762,33 @@ qemuValidateDefGetVcpuHotplugGranularity(const virDomainDef *def)
 }


+static int
+qemuValidateDomainDefSysinfo(const virSysinfoDef *def,
+                             virQEMUCapsPtr qemuCaps G_GNUC_UNUSED)
+{
+    size_t i;
+
+    for (i = 0; i < def->nfw_cfgs; i++) {
+        const virSysinfoFWCfgDef *f = &def->fw_cfgs[i];
+
+        if (!STRPREFIX(f->name, "opt/")) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("Invalid firmware name"));
+            return -1;
+        }
+
+        if (STRPREFIX(f->name, "opt/ovmf/") ||
+            STRPREFIX(f->name, "opt/org.qemu/")) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("That firmware name is reserved"));
+            return -1;
+        }
+    }
+
+    return 0;
+}
+
+
 int
 qemuValidateDomainDef(const virDomainDef *def,
                      void *opaque)
@ -978,6 +1005,11 @@ qemuValidateDomainDef(const virDomainDef *def,
        }
    }

+    for (i = 0; i < def->nsysinfo; i++) {
+        if (qemuValidateDomainDefSysinfo(def->sysinfo[i], qemuCaps) < 0)
+            return -1;
+    }
+
    return 0;
 }