api/admin: report unexpected driver name in admin.pool.Add

Same as 8f1d59e did for unexpected driver *options*. Fixes QubesOS/qubes-issues#7981 (cherry picked from commit 87aa128)
QubesOS · May 13, 2023 · 8c93ef0 · 8c93ef0
1 parent 4e1c9b5
commit 8c93ef0
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 3 deletions.
diff --git a/qubes/api/admin.py b/qubes/api/admin.py
@@ -681,8 +681,10 @@ async def pool_usage(self):
         scope='global', write=True)
     async def pool_add(self, untrusted_payload):
         self.enforce(self.dest.name == 'dom0')
-        drivers = qubes.storage.pool_drivers()
-        self.enforce(self.arg in drivers)
+        if self.arg not in qubes.storage.pool_drivers():
+            raise qubes.exc.QubesException(
+                'unexpected driver name: ' + self.arg)
+
         untrusted_pool_config = untrusted_payload.decode('ascii').splitlines()
         del untrusted_payload
         self.enforce(all(('=' in line) for line in untrusted_pool_config))

diff --git a/qubes/tests/api_admin.py b/qubes/tests/api_admin.py
@@ -769,7 +769,7 @@ def test_160_pool_add_invalid_driver(self, mock_parameters, mock_drivers):
 
         add_pool_mock, self.app.add_pool = self.coroutine_mock()
 
-        with self.assertRaises(qubes.api.PermissionDenied):
+        with self.assertRaises(qubes.exc.QubesException):
             self.call_mgmt_func(b'admin.pool.Add', b'dom0',
                 b'no-such-driver', b'name=test-pool\nparam1=some-value\n')
         self.assertEqual(mock_drivers.mock_calls, [unittest.mock.call()])