July 2019 - Devel - libvirt List Archives

[libvirt] [PATCH] conf: Remove unnecessary declaration in virDomainCheckpointDefParse
by John Ferlan 28 Jul '19

28 Jul '19

The @creation variable wasn't used - caused a Travis build failure. Signed-off-by: John Ferlan <jferlan(a)redhat.com> --- Pushing under the trivial and build break rules. src/conf/checkpoint_conf.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/conf/checkpoint_conf.c b/src/conf/checkpoint_conf.c index 30c6d2e717..5f4c275dd8 100644 --- a/src/conf/checkpoint_conf.c +++ b/src/conf/checkpoint_conf.c @@ -133,7 +133,6 @@ virDomainCheckpointDefParse(xmlXPathContextPtr ctxt, int n; char *tmp; VIR_AUTOFREE(xmlNodePtr *) nodes = NULL; - VIR_AUTOFREE(char *)creation = NULL; VIR_AUTOUNREF(virDomainCheckpointDefPtr) def = NULL; if (!(def = virDomainCheckpointDefNew())) -- 2.20.1

1 0

[libvirt] [PATCH] tpm: Run swtpm_setup with less parameters on incoming migration
by Stefan Berger 27 Jul '19

27 Jul '19

In case of an incoming migration we do not need to run swtpm_setup with all the parameters but only want to get the benefit of it creating a TPM state file for us that we can then label with an SELinux label. The actual state will be overwritten by the in- coming state. So we have to pass an indicator for incomingMigration all the way to the command line parameter generation for swtpm_setup. Signed-off-by: Stefan Berger <stefanb(a)linux.ibm.com> --- src/qemu/qemu_extdevice.c | 5 ++-- src/qemu/qemu_extdevice.h | 3 ++- src/qemu/qemu_process.c | 2 +- src/qemu/qemu_tpm.c | 49 +++++++++++++++++++++++++-------------- src/qemu/qemu_tpm.h | 3 ++- 5 files changed, 40 insertions(+), 22 deletions(-) diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c index e576bca165..af52466421 100644 --- a/src/qemu/qemu_extdevice.c +++ b/src/qemu/qemu_extdevice.c @@ -128,7 +128,8 @@ qemuExtDevicesCleanupHost(virQEMUDriverPtr driver, int qemuExtDevicesStart(virQEMUDriverPtr driver, virDomainObjPtr vm, - qemuDomainLogContextPtr logCtxt) + qemuDomainLogContextPtr logCtxt, + bool incomingMigration) { int ret = 0; @@ -136,7 +137,7 @@ qemuExtDevicesStart(virQEMUDriverPtr driver, return -1; if (vm->def->tpm) - ret = qemuExtTPMStart(driver, vm, logCtxt); + ret = qemuExtTPMStart(driver, vm, logCtxt, incomingMigration); return ret; } diff --git a/src/qemu/qemu_extdevice.h b/src/qemu/qemu_extdevice.h index bbdb9a1cc2..5a53c79f38 100644 --- a/src/qemu/qemu_extdevice.h +++ b/src/qemu/qemu_extdevice.h @@ -40,7 +40,8 @@ void qemuExtDevicesCleanupHost(virQEMUDriverPtr driver, int qemuExtDevicesStart(virQEMUDriverPtr driver, virDomainObjPtr vm, - qemuDomainLogContextPtr logCtxt) + qemuDomainLogContextPtr logCtxt, + bool incomingMigration) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_RETURN_CHECK; diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 75205bc121..fae18824ba 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6774,7 +6774,7 @@ qemuProcessLaunch(virConnectPtr conn, if (qemuProcessGenID(vm, flags) < 0) goto cleanup; - if (qemuExtDevicesStart(driver, vm, logCtxt) < 0) + if (qemuExtDevicesStart(driver, vm, logCtxt, incoming != NULL) < 0) goto cleanup; VIR_DEBUG("Building emulator command line"); diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 77ef601f74..4174aa4c62 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -453,6 +453,7 @@ qemuTPMSetupEncryption(const unsigned char *secretuuid, * for the user given by userid or 'tss' * @tpmversion: The version of the TPM, either a TPM 1.2 or TPM 2 * @encryption: pointer to virStorageEncryption holding secret + * @incomingMigration: whether we have an incoming migration * * Setup the external swtpm by creating endorsement key and * certificates for it. @@ -466,7 +467,8 @@ qemuTPMEmulatorRunSetup(const char *storagepath, gid_t swtpm_group, const char *logfile, const virDomainTPMVersion tpmversion, - const unsigned char *secretuuid) + const unsigned char *secretuuid, + bool incomingMigration) { virCommandPtr cmd = NULL; int exitstatus; @@ -525,16 +527,23 @@ qemuTPMEmulatorRunSetup(const char *storagepath, pwdfile_fd = -1; } - virCommandAddArgList(cmd, - "--tpm-state", storagepath, - "--vmid", vmid, - "--logfile", logfile, - "--createek", - "--create-ek-cert", - "--create-platform-cert", - "--lock-nvram", - "--not-overwrite", - NULL); + if (!incomingMigration) { + virCommandAddArgList(cmd, + "--tpm-state", storagepath, + "--vmid", vmid, + "--logfile", logfile, + "--createek", + "--create-ek-cert", + "--create-platform-cert", + "--lock-nvram", + "--not-overwrite", + NULL); + } else { + virCommandAddArgList(cmd, + "--tpm-state", storagepath, + "--overwrite", + NULL); + } virCommandClearCaps(cmd); @@ -568,6 +577,7 @@ qemuTPMEmulatorRunSetup(const char *storagepath, * @swtpmStateDir: the directory where swtpm writes the pid file and creates the * Unix socket * @shortName: the short name of the VM + * @incomingMigration: whether we have an incoming migration * * Create the virCommand use for starting the emulator * Do some initializations on the way, such as creation of storage @@ -581,7 +591,8 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDefPtr tpm, uid_t swtpm_user, gid_t swtpm_group, const char *swtpmStateDir, - const char *shortName) + const char *shortName, + bool incomingMigration) { virCommandPtr cmd = NULL; bool created = false; @@ -605,7 +616,7 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDefPtr tpm, qemuTPMEmulatorRunSetup(tpm->data.emulator.storagepath, vmname, vmuuid, privileged, swtpm_user, swtpm_group, tpm->data.emulator.logfile, tpm->version, - secretuuid) < 0) + secretuuid, incomingMigration) < 0) goto error; unlink(tpm->data.emulator.source.data.nix.path); @@ -814,6 +825,7 @@ qemuExtTPMCleanupHost(virDomainDefPtr def) * @driver: QEMU driver * @vm: the domain object * @logCtxt: log context + * @incomingMigration: whether we have an incoming migration * * Start the external TPM Emulator: * - have the command line built @@ -822,7 +834,8 @@ qemuExtTPMCleanupHost(virDomainDefPtr def) static int qemuExtTPMStartEmulator(virQEMUDriverPtr driver, virDomainObjPtr vm, - qemuDomainLogContextPtr logCtxt) + qemuDomainLogContextPtr logCtxt, + bool incomingMigration) { int ret = -1; virCommandPtr cmd = NULL; @@ -846,7 +859,8 @@ qemuExtTPMStartEmulator(virQEMUDriverPtr driver, driver->privileged, cfg->swtpm_user, cfg->swtpm_group, - cfg->swtpmStateDir, shortName))) + cfg->swtpmStateDir, shortName, + incomingMigration))) goto cleanup; if (qemuExtDeviceLogCommand(logCtxt, cmd, "TPM Emulator") < 0) @@ -903,14 +917,15 @@ qemuExtTPMStartEmulator(virQEMUDriverPtr driver, int qemuExtTPMStart(virQEMUDriverPtr driver, virDomainObjPtr vm, - qemuDomainLogContextPtr logCtxt) + qemuDomainLogContextPtr logCtxt, + bool incomingMigration) { int ret = 0; virDomainTPMDefPtr tpm = vm->def->tpm; switch (tpm->type) { case VIR_DOMAIN_TPM_TYPE_EMULATOR: - ret = qemuExtTPMStartEmulator(driver, vm, logCtxt); + ret = qemuExtTPMStartEmulator(driver, vm, logCtxt, incomingMigration); break; case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: case VIR_DOMAIN_TPM_TYPE_LAST: diff --git a/src/qemu/qemu_tpm.h b/src/qemu/qemu_tpm.h index 74c9924d68..5f454d3580 100644 --- a/src/qemu/qemu_tpm.h +++ b/src/qemu/qemu_tpm.h @@ -37,7 +37,8 @@ void qemuExtTPMCleanupHost(virDomainDefPtr def) int qemuExtTPMStart(virQEMUDriverPtr driver, virDomainObjPtr vm, - qemuDomainLogContextPtr logCtxt) + qemuDomainLogContextPtr logCtxt, + bool incomingMigration) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_RETURN_CHECK; -- 2.21.0

2 1

[libvirt] [PATCH v2 0/2] tpm2: Properly handle a removed logfile
by Stefan Berger 26 Jul '19

26 Jul '19

If the swtpm's logfile was removed by the user, we get an error 'no transaction is set' from the security manager (DAC) since the labeling of the file failed the transaction in the commit() phase. In the failure case we will try to remove the label then in the error path and run into another commit() error and overwrite a more useful error message. So in this case we just call the transaction abort function. We also create an empty log file now since swtpm doesn't seem to be able to create one itself. Stefan v1->v2: - Added R-b's Stefan Berger (2): tpm: Set transationStarted to false if commit failed tpm: Create empty log file if file was removed src/qemu/qemu_security.c | 3 ++- src/qemu/qemu_tpm.c | 8 ++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) -- 2.21.0

1 2

[libvirt] [PATCH v2 0/4] Cleanups on vTPM encryption patches
by Stefan Berger 26 Jul '19

26 Jul '19

This series of patches cleans up the Coverity issues reported by John. Stefan v1->v2: fixed patch 3 Stefan Berger (4): tpm: Fix memory leak and use existing variable instead tests: Call virCommandFree() in cleanup section utils: Remove ATTRIBUTE_NONNULL(1) from virCommandSetSendBuffer conf: Remove ATTRIBUTE_NONNULL(2) from virDomainCheckDeviceChanges() src/conf/domain_conf.h | 3 +-- src/qemu/qemu_tpm.c | 4 ++-- src/util/vircommand.c | 3 ++- src/util/vircommand.h | 2 +- tests/commandtest.c | 3 +-- 5 files changed, 7 insertions(+), 8 deletions(-) -- 2.20.1

1 4

[libvirt] [PATCH] backup: Fix tests/virsh-snapshot
by Eric Blake 26 Jul '19

26 Jul '19

Creating an 'exp' output file, but never comparing it against the actual output, does no one any good. :) Fixes: 280a2b41e Signed-off-by: Eric Blake <eblake(a)redhat.com> --- Pushing under the trivial rule. tests/virsh-snapshot | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/virsh-snapshot b/tests/virsh-snapshot index b23d949f62..1034140cde 100755 --- a/tests/virsh-snapshot +++ b/tests/virsh-snapshot @@ -207,6 +207,8 @@ Descendants: 0 Metadata: yes EOF +sed '1,/^virsh #/d; /virsh #/d' < out > out.cooked || fail=1 +compare exp out.cooked || fail=1 cat <<EOF > exp || fail=1 error: invalid argument: parent s3 for moment s2 not found -- 2.20.1

1 0

[libvirt] [PATCH 0/2] tpm2: Properly handle a removed logfile
by Stefan Berger 26 Jul '19

26 Jul '19

If the swtpm's logfile was removed by the user, we get an error 'no transaction is set' from the security manager (DAC) since the labeling of the file failed the transaction in the commit() phase. In the failure case we will try to remove the label then in the error path and run into another commit() error and overwrite a more useful error message. So in this case we just call the transaction abort function. We also create an empty log file now since swtpm doesn't seem to be able to create one itself. Stefan Stefan Berger (2): tpm: Set transationStarted to false if commit failed tpm: Create empty log file if file was removed src/qemu/qemu_security.c | 6 ++++-- src/qemu/qemu_tpm.c | 8 ++++++-- 2 files changed, 10 insertions(+), 4 deletions(-) -- 2.21.0

2 4

[libvirt] [PATCH 0/4] Cleanups on vTPM encrytion patches
by Stefan Berger 26 Jul '19

26 Jul '19

This series of patches cleans up the Coverity issues reported by John. Stefan Stefan Berger (4): tpm: Fix memory leak and use existing variable instead tests: Call virCommandFree() in cleanup section utils: Remove ATTRIBUTE_NONNULL(1) from virCommandSetSendBuffer conf: Remove ATTRIBUTE_NONNULL(2) from virDomainCheckDeviceChanges() src/conf/domain_conf.h | 3 +-- src/qemu/qemu_tpm.c | 4 ++-- src/util/vircommand.h | 2 +- tests/commandtest.c | 3 +-- 4 files changed, 5 insertions(+), 7 deletions(-) -- 2.20.1

3 7

[libvirt] [PATCH v7 00/19] Add support for vTPM state encryption
by Stefan Berger 26 Jul '19

26 Jul '19

This series of patches addresses the RFE in BZ 172830: https://bugzilla.redhat.com/show_bug.cgi?id=1728030 This series of patches adds support for vTPM state encryption by passing the read-end of a pipe's file descriptor to 'swtpm_setup' and 'swtpm' where they can read a passphrase from and derive a key from that passphrase. The TPM's domain XML looks to enable state encryption looks like this: <tpm model='tpm-tis'> <backend type='emulator' version='1.2'> <encryption secret='2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd'/> </backend> </tpm> The vTPM secret holding the passphrase looks like this: <secret ephemeral='no' private='yes'> <uuid>2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd</uuid> <description>vTPM passphrase example</description> <usage type='vtpm'> <name>vtpm_example</name> </usage> </secret> The swtpm v0.2 is needed that supports the command line option --print-capabilities returning a JSON object that identifies features added since v0.1. One such features is the possibility to pass a passphrase via a file descriptor. The patches do some refactoring of existing code on the way. Stefan v1->v2: - Added Marc-André's R-bs - Addressed comments - Added patches to extend virCommand to be able to write contents of multiple buffers to file descriptors for a spawned process to read from v2->v3: - Fixed some pointer issues following conversion to use VIR_AUTOFREE v3->v4: - Added test case for virCommandSetSendBuffer() to commantest.c - Addressed other issues raised by Marc-André v4->v5: - Simplified encryption node in TPM's domain XML and adapted everything that depends on this; dropped some patches and removed some R-bs for non-trivial stuff - Not limiting write size for fd's with O_NONBLOCK set v5->v6: - Addressed comments on v5 v6->v7: - Stubbed out virCommandSetSendBuffer if F_SETFL is not defined. Also having 'the other' occurrence of F_SETFL cause an error if F_SETFL is not defined. Stefan Berger (19): secret: Add support for usage type vTPM, extend schema and test case tests: Add already existing test case tpm-emulator-tpm2 conf: Extend TPM XML parser with encryption support tests: Add test for TPM XML encryption parser and formatter tests: Add tests for QEMU command line generation with encrypted TPM tpm: Move qemuTPMEmulatorInit to virTPMEmulatorInit in virtpm.c tpm: Refactor virTPMEmulatorInit to use loop tpm: Check whether previously found executables were updated tpm: Parse the capabilities supported by swtpm and swtpm_setup utils: Implement function to pass a buffer to send via a fd to virCommand utils: Convert pollfd array to be allocated utils: Mark inpipe as non-blocking utils: Extend virCommandProcessIO to include the send buffers tests: Extend command test to transfer large data to process on multiple fds tpm: Use fd to pass password to swtpm_setup and swtpm tpm: Pass migration key passphrase via fd to swtpm tpm: Check TPM XML device configuration changes after edit docs: Extend Secret XML documentation with vtpm usage type docs: Extend TPM docs with new encryption element docs/formatdomain.html.in | 12 + docs/formatsecret.html.in | 61 +++- docs/schemas/domaincommon.rng | 11 + docs/schemas/secret.rng | 10 + include/libvirt/libvirt-secret.h | 1 + include/libvirt/virterror.h | 2 + src/conf/domain_conf.c | 87 ++++- src/conf/domain_conf.h | 6 + src/conf/secret_conf.c | 13 + src/libvirt_private.syms | 10 + src/qemu/qemu_driver.c | 28 ++ src/qemu/qemu_extdevice.c | 2 +- src/qemu/qemu_extdevice.h | 3 + src/qemu/qemu_tpm.c | 211 ++++++++----- src/util/vircommand.c | 171 +++++++++- src/util/vircommand.h | 5 + src/util/virerror.c | 2 + src/util/virsecret.c | 2 +- src/util/virtpm.c | 298 +++++++++++++++++- src/util/virtpm.h | 23 ++ tests/commandhelper.c | 70 +++- tests/commandtest.c | 113 +++++++ .../tpm-emulator-tpm2-enc.x86_64-latest.args | 35 ++ .../tpm-emulator-tpm2-enc.xml | 32 ++ tests/qemuxml2argvtest.c | 1 + .../tpm-emulator-tpm2-enc.xml | 36 +++ tests/qemuxml2xmltest.c | 2 + tests/secretxml2xmlin/usage-vtpm.xml | 7 + tests/secretxml2xmltest.c | 1 + 29 files changed, 1168 insertions(+), 87 deletions(-) create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2-enc.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2-enc.xml create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator-tpm2-enc.xml create mode 100644 tests/secretxml2xmlin/usage-vtpm.xml -- 2.20.1

4 26

[libvirt] [PATCH] test_driver: implement virDomainGetCPUStats
by Ilias Stamatis 26 Jul '19

26 Jul '19

Signed-off-by: Ilias Stamatis <stamatis.iliass(a)gmail.com> --- src/test/test_driver.c | 131 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 131 insertions(+) diff --git a/src/test/test_driver.c b/src/test/test_driver.c index fcb80c9e47..2907c043cb 100644 --- a/src/test/test_driver.c +++ b/src/test/test_driver.c @@ -3258,6 +3258,136 @@ static int testDomainSetMetadata(virDomainPtr dom, return ret; } + +static int +testDomainGetDomainTotalCpuStats(virTypedParameterPtr params, + int nparams) +{ + if (nparams == 0) /* return supported number of params */ + return 3; + + if (virTypedParameterAssign(&params[0], VIR_DOMAIN_CPU_STATS_CPUTIME, + VIR_TYPED_PARAM_ULLONG, 77102913900) < 0) + return -1; + + if (nparams > 1 && + virTypedParameterAssign(&params[1], + VIR_DOMAIN_CPU_STATS_USERTIME, + VIR_TYPED_PARAM_ULLONG, 45650000000) < 0) + return -1; + + if (nparams > 2 && + virTypedParameterAssign(&params[2], + VIR_DOMAIN_CPU_STATS_SYSTEMTIME, + VIR_TYPED_PARAM_ULLONG, 11390000000) < 0) + return -1; + + if (nparams > 3) + nparams = 3; + + return nparams; +} + + +static int +testDomainGetPercpuStats(virTypedParameterPtr params, + unsigned int nparams, + int start_cpu, + unsigned int ncpus, + int total_cpus) +{ + size_t i; + int need_cpus; + int param_idx; + int ret = -1; + + /* return the number of supported params */ + if (nparams == 0 && ncpus != 0) + return 2; + + /* return total number of cpus */ + if (ncpus == 0) { + ret = total_cpus; + goto cleanup; + } + + if (start_cpu >= total_cpus) { + virReportError(VIR_ERR_INVALID_ARG, + _("start_cpu %d larger than maximum of %d"), + start_cpu, total_cpus - 1); + goto cleanup; + } + + /* return percpu cputime in index 0 */ + param_idx = 0; + + /* number of cpus to compute */ + need_cpus = MIN(total_cpus, start_cpu + ncpus); + + for (i = 0; i < need_cpus; i++) { + if (i < start_cpu) + continue; + int idx = (i - start_cpu) * nparams + param_idx; + if (virTypedParameterAssign(&params[idx], + VIR_DOMAIN_CPU_STATS_CPUTIME, + VIR_TYPED_PARAM_ULLONG, + 202542145062 + 10 * i) < 0) + goto cleanup; + } + + /* return percpu vcputime in index 1 */ + param_idx = 1; + + if (param_idx < nparams) { + for (i = start_cpu; i < need_cpus; i++) { + int idx = (i - start_cpu) * nparams + param_idx; + if (virTypedParameterAssign(&params[idx], + VIR_DOMAIN_CPU_STATS_VCPUTIME, + VIR_TYPED_PARAM_ULLONG, + 26254023765 + 10 * i) < 0) + goto cleanup; + } + param_idx++; + } + + ret = param_idx; + cleanup: + return ret; +} + + +static int +testDomainGetCPUStats(virDomainPtr dom, + virTypedParameterPtr params, + unsigned int nparams, + int start_cpu, + unsigned int ncpus, + unsigned int flags) +{ + virDomainObjPtr vm = NULL; + testDriverPtr privconn = dom->conn->privateData; + int ret = -1; + + virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); + + if (!(vm = testDomObjFromDomain(dom))) + return -1; + + if (virDomainObjCheckActive(vm) < 0) + goto cleanup; + + if (start_cpu == -1) + ret = testDomainGetDomainTotalCpuStats(params, nparams); + else + ret = testDomainGetPercpuStats(params, nparams, start_cpu, ncpus, + privconn->nodeInfo.cores); + + cleanup: + virDomainObjEndAPI(&vm); + return ret; +} + + static int testDomainSendProcessSignal(virDomainPtr dom, long long pid_value, @@ -7794,6 +7924,7 @@ static virHypervisorDriver testHypervisorDriver = { .domainSendKey = testDomainSendKey, /* 5.5.0 */ .domainGetMetadata = testDomainGetMetadata, /* 1.1.3 */ .domainSetMetadata = testDomainSetMetadata, /* 1.1.3 */ + .domainGetCPUStats = testDomainGetCPUStats, /* 5.6.0 */ .domainSendProcessSignal = testDomainSendProcessSignal, /* 5.5.0 */ .connectGetCPUModelNames = testConnectGetCPUModelNames, /* 1.1.3 */ .domainManagedSave = testDomainManagedSave, /* 1.1.4 */ -- 2.22.0

3 4

[libvirt] [PATCH 0/2] test_driver: implement emulator pinning APIs
by Ilias Stamatis 26 Jul '19

26 Jul '19

Ilias Stamatis (2): test_driver: implement virDomainGetEmulatorPinInfo test_driver: implement virDomainPinEmulator src/test/test_driver.c | 92 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) -- 2.22.0

2 3