From b49c23c31b25ba14eab305d96f978b25420d3526 Mon Sep 17 00:00:00 2001
From: Sebastian Mitterle <smitterl@redhat.com>
Date: Thu, 22 Aug 2024 09:30:25 -0400
Subject: [PATCH] security/virt_what: add test for expected value

Since virt-what-1.25-9, there's an additional command 'virt-what-cvm'
that gives information about if and which confidential VM mode is
running.

The test per default assumes that the VM runs without confidentiality.
It can be configured to cover other values depending on the guest.
The supported outputs are listed on the man virt-what-cvm.

Signed-off-by: Sebastian Mitterle <smitterl@redhat.com>
---
 libvirt/tests/cfg/security/virt_what_cvm.cfg |  9 +++++++
 libvirt/tests/src/security/virt_what_cvm.py  | 27 ++++++++++++++++++++
 spell.ignore                                 |  1 +
 3 files changed, 37 insertions(+)
 create mode 100644 libvirt/tests/cfg/security/virt_what_cvm.cfg
 create mode 100644 libvirt/tests/src/security/virt_what_cvm.py

diff --git a/libvirt/tests/cfg/security/virt_what_cvm.cfg b/libvirt/tests/cfg/security/virt_what_cvm.cfg
new file mode 100644
index 0000000000..bf61a130b0
--- /dev/null
+++ b/libvirt/tests/cfg/security/virt_what_cvm.cfg
@@ -0,0 +1,9 @@
+- virt_what.cvm:
+   type = virt_what_cvm
+   start_vm = yes
+   variants:
+       - expected_value:
+           # The EXPECTED_VALUE depends on the VM. A normal VM would have "".
+           # man virt-what-cvm lists the available values for VM where
+           # confidentiality is enabled
+           expected_cvm =
diff --git a/libvirt/tests/src/security/virt_what_cvm.py b/libvirt/tests/src/security/virt_what_cvm.py
new file mode 100644
index 0000000000..24299023dd
--- /dev/null
+++ b/libvirt/tests/src/security/virt_what_cvm.py
@@ -0,0 +1,27 @@
+import logging as log
+
+from virttest import utils_misc, utils_package
+
+
+logging = log.getLogger("avocado." + __name__)
+
+
+def run(test, params, env):
+    """
+    Confirms that the output of virt-what-cvm is as expected.
+
+    :params test: The avocado test object
+    :params params: Parameters for the test
+    :params env: The avocado test environment object
+    """
+    vm_name = params.get("main_vm")
+    vm = env.get_vm(vm_name)
+    expected_cvm = params.get("expected_cvm")
+    session = vm.wait_for_login()
+    utils_package.package_install("virt-what", session=session)
+    _, o = utils_misc.cmd_status_output("virt-what-cvm", session=session)
+    if o.strip() != expected_cvm.strip():
+        test.fail(
+            f"Unexpected value '{o.strip()}' instead of {expected_cvm.strip()}."
+            " Note that the command is supported since virt-what-1.25-10."
+        )
diff --git a/spell.ignore b/spell.ignore
index 50d968b579..8d86f0bfb8 100644
--- a/spell.ignore
+++ b/spell.ignore
@@ -170,6 +170,7 @@ ctrl
 currentvcpu
 curvcpu
 CVE
+cvm
 dac
 DAC
 darget