[virt-tools-list] [virt-manager PATCH] Fix UUID generation according to RFC 4122

Eric Blake eblake at redhat.com
Fri Aug 16 19:38:17 UTC 2013


On 08/16/2013 10:21 AM, Cole Robinson wrote:

>> Do you think it would make sense to replace
>> "00000000-1111-2222-3333-444444444444" with
>> "00000000-1111-4222-b333-444444444444" all over the tree?  It shouldn't
>> make any difference as it is used only by tests but still it is an
>> incorrect UUID.
>>
> 
> Doesn't hurt, maybe one day libvirt will tighten it's validation and our test
> suite will start to error.

Libvirt cannot tighten its validation.  While it has been fixed to now
generate valid UUID, it must not reject someone else's already existing
UUID (even if that was not valid per spec).  If libvirt started
tightening down, we'd fail to run domains that were created prior to the
tightening.  Our promise of back-compat includes rules that libvirt
should never reject an XML as invalid if an earlier version of libvirt
is what produced that XML.  (The rule is a bit fuzzier on extensions -
there are a number of places where libvirt ignores cruft, but where a
future libvirt may assign meaning to that cruft - I'm basically
formulating this in terms of a round-trip through libvirt to strip out
cruft, before promising that the resulting XML is safe for use in future
libvirt versions)

> 
>> Not in the scope of this patch: should util.validate_uuid be changed as
>> well?
>>
> 
> Let's let libvirt or the hypervisor handle the nitty gritty validation if it
> cares, validate_uuid can just be about the format of the data that a user
> passes in. Unlikely, but someone out there might be using an 'invalid' UUID
> that for all intents works correctly, no need to start erroring on them.

There are more than one valid UUID formats.  Libvirt has been fixed so
that it only generates one form (the generically random form); but if
you add a validator, you would have to validate ALL forms described in
the RFC, not just the form that libvirt generates.  Adding a validator
in virt-manager might be worthwhile, but only so long as it treats odd
forms as a warning (not hard error) that the uuid appears suspicious,
and where the user can choose to use the uuid in spite of the warning.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/virt-tools-list/attachments/20130816/43633ffe/attachment.sig>


More information about the virt-tools-list mailing list