[libvirt] [PATCH 0/6] Some patches for native TLS encrypted chardev TCP support

Monday, 13 June 2016

Not fully complete yet as I need the key secret from the LUKS
encryption support series; however, I figured I would post what I
have that is at least "separable".

This set of patches is in support of:

https://bugzilla.redhat.com/show_bug.cgi?id=1300776

What's missing is the ability to provide an AES secret/key/passphrase
in order to generate the qemu "passwordid=tlskey0" option.

John Ferlan (6):
  caps: Add capability for tls-x509-creds
  docs: Clarify chardev protocol
  qemu: Refactor qemuDomainAttachChrDevice error paths
  conf: Add new tlsx509 attribute for tcp chardev
  qemu: Add support for TLS X.509 path
  qemu: Add the ability to hotplug the TLS X.509 environment

 docs/formatdomain.html.in                          |  36 +++++++-
 docs/schemas/domaincommon.rng                      |  12 +++
 src/conf/domain_audit.c                            |   2 +
 src/conf/domain_conf.c                             |  15 +++
 src/conf/domain_conf.h                             |   1 +
 src/conf/virchrdev.c                               |   1 +
 src/qemu/qemu_capabilities.c                       |   2 +
 src/qemu/qemu_capabilities.h                       |   1 +
 src/qemu/qemu_command.c                            | 101 +++++++++++++++++++++
 src/qemu/qemu_command.h                            |   6 ++
 src/qemu/qemu_hotplug.c                            |  47 ++++++++--
 src/qemu/qemu_monitor_json.c                       |   9 ++
 src/security/security_dac.c                        |  11 ++-
 src/security/security_selinux.c                    |  10 ++
 src/security/virt-aa-helper.c                      |  12 ++-
 tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml   |   1 +
 .../caps_2.6.0-gicv2.aarch64.xml                   |   1 +
 .../caps_2.6.0-gicv3.aarch64.xml                   |   1 +
 tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml  |   1 +
 tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml   |   1 +
 .../qemuxml2argv-serial-tcp-tlsx509-chardev.args   |  32 +++++++
 .../qemuxml2argv-serial-tcp-tlsx509-chardev.xml    |  42 +++++++++
 tests/qemuxml2argvtest.c                           |   3 +
 .../qemuxml2xmlout-serial-tcp-tlsx509-chardev.xml  |  51 +++++++++++
 tests/qemuxml2xmltest.c                            |   1 +
 25 files changed, 385 insertions(+), 15 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.xml
 create mode 100644
tests/qemuxml2xmloutdata/qemuxml2xmlout-serial-tcp-tlsx509-chardev.xml

-- 
2.5.5

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH 0/6] Some patches for native TLS encrypted chardev TCP support