This test is beautiful. It checks if we haven't messed up
refcounting on security labels (well, XATTRs where the original
owner is stored). It does this by setting up tracking of XATTR
setting/removing into a hash table, then calling
qemuSecuritySetAllLabel() followed by immediate
qemuSecurityRestoreAllLabel() at which point, the hash table must
be empty. The test so beautifully written that now matter
what you do it won't fail. The reason is that all seclabel work
is done in a child process. Therefore, the hash table in the
parent is never changed and thus always empty.
There are two reasons for forking (only one of them makes sense
here though):
1) namespaces - when chown()-ing a file we have to fork() and
make the child enter desired namespace,
2) locking - because of exclusive access to XATTRs we lock the
files we chown() and this is done in a fork (see 207860927ad for
more info).
While we want to fork in real world, we don't want that in a test
suite. Override virProcessRunInFork() then.
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
src/util/virprocess.h | 3 ++-
tests/qemusecuritymock.c | 8 ++++++++
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/util/virprocess.h b/src/util/virprocess.h
index 8e5b0c2127..c360bfef98 100644
--- a/src/util/virprocess.h
+++ b/src/util/virprocess.h
@@ -108,7 +108,8 @@ typedef int (*virProcessForkCallback)(pid_t ppid,
void *opaque);
int virProcessRunInFork(virProcessForkCallback cb,
- void *opaque);
+ void *opaque)
+ ATTRIBUTE_NOINLINE;
int virProcessSetupPrivateMountNS(void);
diff --git a/tests/qemusecuritymock.c b/tests/qemusecuritymock.c
index 4edc5c44ad..d170e5da8f 100644
--- a/tests/qemusecuritymock.c
+++ b/tests/qemusecuritymock.c
@@ -416,3 +416,11 @@ int checkPaths(void)
virMutexUnlock(&m);
return ret;
}
+
+
+int
+virProcessRunInFork(virProcessForkCallback cb,
+ void *opaque)
+{
+ return cb(-1, opaque);
+}
--
2.21.0
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
