[libvirt] [PATCH] qemu: monitor: Remove diskSecretLookup monitor event
by Peter Krempa
After the text monitor was deleted this event can't be triggered.
Remove it and all the unnecessary code.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
This applies on top of the text monitor removal series. I forgot to
include it while splitting branches.
src/qemu/qemu_monitor.c | 16 ----------------
src/qemu/qemu_monitor.h | 12 ------------
src/qemu/qemu_process.c | 28 ----------------------------
3 files changed, 56 deletions(-)
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index ac1fbddb91..02d2629eb0 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -1287,22 +1287,6 @@ qemuMonitorHMPCommandWithFd(qemuMonitorPtr mon,
} while (0)
-int
-qemuMonitorGetDiskSecret(qemuMonitorPtr mon,
- const char *path,
- char **secret,
- size_t *secretLen)
-{
- int ret = -1;
- *secret = NULL;
- *secretLen = 0;
-
- QEMU_MONITOR_CALLBACK(mon, ret, diskSecretLookup, mon->vm,
- path, secret, secretLen);
- return ret;
-}
-
-
int
qemuMonitorEmitEvent(qemuMonitorPtr mon, const char *event,
long long seconds, unsigned int micros,
diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
index b3aeb83cf0..212d1e3e16 100644
--- a/src/qemu/qemu_monitor.h
+++ b/src/qemu/qemu_monitor.h
@@ -121,12 +121,6 @@ typedef void (*qemuMonitorEofNotifyCallback)(qemuMonitorPtr mon,
typedef void (*qemuMonitorErrorNotifyCallback)(qemuMonitorPtr mon,
virDomainObjPtr vm,
void *opaque);
-typedef int (*qemuMonitorDiskSecretLookupCallback)(qemuMonitorPtr mon,
- virDomainObjPtr vm,
- const char *path,
- char **secret,
- size_t *secretLen,
- void *opaque);
typedef int (*qemuMonitorDomainEventCallback)(qemuMonitorPtr mon,
virDomainObjPtr vm,
const char *event,
@@ -285,7 +279,6 @@ struct _qemuMonitorCallbacks {
qemuMonitorDestroyCallback destroy;
qemuMonitorEofNotifyCallback eofNotify;
qemuMonitorErrorNotifyCallback errorNotify;
- qemuMonitorDiskSecretLookupCallback diskSecretLookup;
qemuMonitorDomainEventCallback domainEvent;
qemuMonitorDomainShutdownCallback domainShutdown;
qemuMonitorDomainResetCallback domainReset;
@@ -369,11 +362,6 @@ int qemuMonitorHMPCommandWithFd(qemuMonitorPtr mon,
# define qemuMonitorHMPCommand(mon, cmd, reply) \
qemuMonitorHMPCommandWithFd(mon, cmd, -1, reply)
-int qemuMonitorGetDiskSecret(qemuMonitorPtr mon,
- const char *path,
- char **secret,
- size_t *secretLen);
-
int qemuMonitorEmitEvent(qemuMonitorPtr mon, const char *event,
long long seconds, unsigned int micros,
const char *details);
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 5b73a61962..2ba432630f 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -436,33 +436,6 @@ qemuProcessGetVolumeQcowPassphrase(virDomainDiskDefPtr disk,
return ret;
}
-static int
-qemuProcessFindVolumeQcowPassphrase(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
- virDomainObjPtr vm,
- const char *path,
- char **secretRet,
- size_t *secretLen,
- void *opaque ATTRIBUTE_UNUSED)
-{
- virDomainDiskDefPtr disk;
- int ret = -1;
-
- virObjectLock(vm);
- if (!(disk = virDomainDiskByName(vm->def, path, true))) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("no disk found with path %s"),
- path);
- goto cleanup;
- }
-
- ret = qemuProcessGetVolumeQcowPassphrase(disk, secretRet, secretLen);
-
- cleanup:
- virObjectUnlock(vm);
- return ret;
-}
-
-
static int
qemuProcessHandleReset(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
virDomainObjPtr vm,
@@ -1709,7 +1682,6 @@ qemuProcessHandleDumpCompleted(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
static qemuMonitorCallbacks monitorCallbacks = {
.eofNotify = qemuProcessHandleMonitorEOF,
.errorNotify = qemuProcessHandleMonitorError,
- .diskSecretLookup = qemuProcessFindVolumeQcowPassphrase,
.domainEvent = qemuProcessHandleEvent,
.domainShutdown = qemuProcessHandleShutdown,
.domainStop = qemuProcessHandleStop,
--
2.16.2
6 years, 7 months
[libvirt] [PATCH 00/15] qemu: Implement non-shared storage migration via TLS (blockdev-add saga)
by Peter Krempa
Implement the non-shared storage migration when TLS is enabled. This is
done by using blockdev-add to add the NBD endpoint with the TLS
environment alias configured properly.
Peter Krempa (15):
qemu: block: Don't nest storage layer properties into format layer
conf: domain: Export virDomainStorageSourceParse
qemu: migration: Don't access disk members without lock
qemu: caps: Add capability for blockdev-add/blockdev-del
qemu: monitor: Factor out and document code to format QMP command
qemu: monitor: Add implementation for blockdev-add and blockdev-del
qemu: monitor: Introduce support for blockdev-mirror
qemu: block: Add helpers for hot-adding virStorageSource via blockdev
qemu: domain: Extract NBD disk migration private data formatting
qemu: domain: Extract parsing of NBD status XML
qemu: domain: Add private data for NBD migration storage source
definition
test: Add status XML test for NBD tls storage migration
qemu: migration: Rename NBD migration functions
qemu: migration: Extract code responsible for calling drive-mirror
qemu: migration: Add support for transporting NBD over TLS
src/conf/domain_conf.c | 2 +-
src/conf/domain_conf.h | 6 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_block.c | 163 +++++++-
src/qemu/qemu_block.h | 34 ++
src/qemu/qemu_capabilities.c | 2 +
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_domain.c | 242 +++++++++--
src/qemu/qemu_domain.h | 1 +
src/qemu/qemu_migration.c | 306 ++++++++++----
src/qemu/qemu_monitor.c | 59 +++
src/qemu/qemu_monitor.h | 16 +
src/qemu/qemu_monitor_json.c | 164 +++++++-
src/qemu/qemu_monitor_json.h | 18 +
tests/qemublocktest.c | 11 +-
.../xml2json/block-raw-noopts.json | 15 +-
.../qemublocktestdata/xml2json/dir-fat-cache.json | 27 +-
.../qemublocktestdata/xml2json/dir-fat-floppy.json | 19 +-
.../xml2json/dir-fat-readonly.json | 19 +-
.../xml2json/file-backing_basic-aio_threads.json | 82 ++--
.../file-backing_basic-cache-directsync.json | 108 ++---
.../xml2json/file-backing_basic-cache-none.json | 108 ++---
.../xml2json/file-backing_basic-cache-unsafe.json | 108 ++---
.../file-backing_basic-cache-writeback.json | 108 ++---
.../file-backing_basic-cache-writethrough.json | 108 ++---
.../xml2json/file-backing_basic-detect.json | 76 ++--
.../xml2json/file-backing_basic-noopts.json | 60 +--
.../xml2json/file-backing_basic-unmap-detect.json | 76 ++--
.../xml2json/file-backing_basic-unmap-ignore.json | 76 ++--
.../xml2json/file-backing_basic-unmap.json | 76 ++--
.../xml2json/file-bochs-noopts.json | 15 +-
.../xml2json/file-cloop-noopts.json | 15 +-
.../xml2json/file-dmg-noopts.json | 15 +-
.../xml2json/file-ploop-noopts.json | 15 +-
.../file-qcow2-backing-chain-encryption.json | 30 +-
.../xml2json/file-qcow2-backing-chain-noopts.json | 150 +++----
.../file-qcow2-backing-chain-unterminated.json | 30 +-
.../xml2json/file-raw-aio_native.json | 25 +-
.../qemublocktestdata/xml2json/file-raw-luks.json | 15 +-
.../xml2json/file-raw-noopts.json | 15 +-
.../xml2json/file-vdi-noopts.json | 15 +-
.../xml2json/file-vhd-noopts.json | 15 +-
.../xml2json/file-vpc-noopts.json | 15 +-
.../network-qcow2-backing-chain-cache-unsafe.json | 74 ++--
...etwork-qcow2-backing-chain-encryption_auth.json | 64 +--
tests/qemucapabilitiesdata/caps_2.10.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.9.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml | 1 +
.../migration-out-nbd-tls-in.xml | 464 +++++++++++++++++++++
.../migration-out-nbd-tls-out.xml | 1 +
tests/qemuxml2xmltest.c | 1 +
60 files changed, 2172 insertions(+), 906 deletions(-)
create mode 100644 tests/qemustatusxml2xmldata/migration-out-nbd-tls-in.xml
create mode 120000 tests/qemustatusxml2xmldata/migration-out-nbd-tls-out.xml
--
2.16.2
6 years, 7 months
[libvirt] [PATCH v4 0/4] qemu: Add support for -device hda-output (disable line-in)
by Filip Alac
Add support for hda 'output' codec for ich6 and ich9 sound devices,
which allow us to disable line-in for guest.
'hda-output' codec is available since 0.14 version of qemu.
Fixes:
https://bugzilla.redhat.com/show_bug.cgi?id=1126641
v1:
https://www.redhat.com/archives/libvir-list/2018-May/msg01311.html
v2:
https://www.redhat.com/archives/libvir-list/2018-May/msg01450.html
- Split patch into series of patches
- Add description of feature in docs/news.xml
- Improve the documentation in docs/formatdomain.html.in
- Fixes coding standard errors/inconsistencies
v3:
https://www.redhat.com/archives/libvir-list/2018-May/msg01506.html
- Moved all tests to third patch
- Made possible to compile every patch by alone except fourth which
depends on the first and on the second patch.
v4:
- Moved some qemu_command and qemu_capabilities hunks from the first
patch into second patch.
Filip Alac (4):
conf: Introduce codec type 'output'
tests: Extend qemu_capabilities with 'hda-output' codec
tests: qemu: Extends tests for 'output' codec
docs: news: Describe 'output' codec
docs/formatdomain.html.in | 15 ++++++++++++---
docs/news.xml | 8 ++++++++
docs/schemas/domaincommon.rng | 1 +
src/conf/domain_conf.c | 3 ++-
src/conf/domain_conf.h | 1 +
src/qemu/qemu_capabilities.c | 2 ++
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_command.c | 5 ++++-
tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml | 1 +
.../qemucapabilitiesdata/caps_2.10.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml | 1 +
.../qemucapabilitiesdata/caps_2.12.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.6.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.6.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.9.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml | 1 +
.../migration-in-params-in.xml | 1 +
.../migration-out-nbd-in.xml | 1 +
.../migration-out-nbd-out.xml | 1 +
.../migration-out-params-in.xml | 1 +
tests/qemustatusxml2xmldata/modern-in.xml | 1 +
tests/qemuxml2argvdata/sound-device.args | 2 ++
tests/qemuxml2argvdata/sound-device.xml | 2 ++
tests/qemuxml2argvtest.c | 1 +
tests/qemuxml2xmloutdata/sound-device.xml | 2 ++
36 files changed, 62 insertions(+), 5 deletions(-)
--
2.17.0
6 years, 7 months
[libvirt] [ [PATCH v3 0/8] virsh completion for event, secret-event, pool-event and nodedev-event
by Lin Ma
v2 -> v3:
Most of patches in original v2 patchset were pushed, only 2 patches left,
So create a new patchset for including the 2 patches and 6 new completion
patches which about secret-event, pool-event and nodedev-event.
(Borrowed code & idea from Michal Privoznik for these patches design)
Lin Ma (8):
virsh-secret: Rename vshEventCallback to vshSecretEventCallback
virsh: Add event name completion to 'secret-event' command
virsh: Move vshEventCallback structure definition to virsh-domain.h
virsh: Add event name completion to 'event' command
virsh-pool: Rename vshEventCallback to vshPoolEventCallback
virsh: Add event name completion to 'pool-event' command
virsh-nodedev: Rename vshEventCallback to vshNodedevEventCallback
virsh: Add event name completion to 'nodedev-event' command
tools/virsh-completer.c | 119 ++++++++++++++++++++++++++++++++++++++++++++++++
tools/virsh-completer.h | 15 ++++++
tools/virsh-domain.c | 9 +---
tools/virsh-domain.h | 8 ++++
tools/virsh-nodedev.c | 19 +++-----
tools/virsh-nodedev.h | 8 ++++
tools/virsh-pool.c | 19 +++-----
tools/virsh-pool.h | 8 ++++
tools/virsh-secret.c | 18 +++-----
tools/virsh-secret.h | 8 ++++
10 files changed, 189 insertions(+), 42 deletions(-)
--
2.16.2
6 years, 7 months
[libvirt] Issue
by Mehdi AROUI
HEllo,
I try to install libvirt-python in my windows 10, with version 3.6 of
python, but I have the message
* pkg-config binary is required to compile libvirt-python*
how to fix that.
thanks in advance
regards.
6 years, 7 months
[libvirt] [PATCH 0/2] qemu: probe for -sandbox support
by Ján Tomko
There is a patch proposal on qemu-devel that removes the -sandbox
option completely without CONFIG_SECCOMP:
http://lists.nongnu.org/archive/html/qemu-devel/2018-05/msg03312.html
Now that we assume query-command-line-options support, we can probe
for it and honor the seccomp_sandbox = 0 qemu.conf option
even without passing the -sandbox off option.
Ján Tomko (2):
Reintroduce QEMU_CAPS_SECCOMP_SANDBOX
qemu: only pass -sandbox off if supported
src/qemu/qemu_capabilities.c | 1 +
src/qemu/qemu_capabilities.h | 2 +-
src/qemu/qemu_command.c | 3 ++-
tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.6.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.6.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.9.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml | 1 +
28 files changed, 29 insertions(+), 2 deletions(-)
--
2.16.1
6 years, 7 months
[libvirt] [PATCH] qemu: Deny hugepages for non-existent NUMA nodes
by Michal Privoznik
https://bugzilla.redhat.com/show_bug.cgi?id=1534418
Just like ec982f6d929f3c23 denies hugepages for non-existent
guest NUMA nodes in case there are some nodes configured.
Unfortunately, when there are none, qemuBuildNumaArgStr() is not
called and thus we have to have check in qemuBuildMemPathStr()
too.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_command.c | 10 +++++++
tests/qemuxml2argvdata/hugepages-pages8.xml | 41 +++++++++++++++++++++++++++++
tests/qemuxml2argvtest.c | 3 +++
3 files changed, 54 insertions(+)
create mode 100644 tests/qemuxml2argvdata/hugepages-pages8.xml
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index f3724a766b..af0af33bd1 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -7276,6 +7276,16 @@ qemuBuildMemPathStr(virQEMUDriverConfigPtr cfg,
if (!def->mem.nhugepages)
return 0;
+ if (def->mem.hugepages[0].nodemask) {
+ ssize_t next_bit = virBitmapNextSetBit(def->mem.hugepages[0].nodemask, -1);
+ if (next_bit >= 0) {
+ virReportError(VIR_ERR_XML_DETAIL,
+ _("hugepages: node %zd not found"),
+ next_bit);
+ return -1;
+ }
+ }
+
/* There is one special case: if user specified "huge"
* pages of regular system pages size.
* And there is nothing to do in this case.
diff --git a/tests/qemuxml2argvdata/hugepages-pages8.xml b/tests/qemuxml2argvdata/hugepages-pages8.xml
new file mode 100644
index 0000000000..4cf4c1a8ad
--- /dev/null
+++ b/tests/qemuxml2argvdata/hugepages-pages8.xml
@@ -0,0 +1,41 @@
+<domain type='qemu'>
+ <name>SomeDummyHugepagesGuest</name>
+ <uuid>ef1bdff4-27f3-4e85-a807-5fb4d58463cc</uuid>
+ <memory unit='KiB'>1048576</memory>
+ <currentMemory unit='KiB'>1048576</currentMemory>
+ <memoryBacking>
+ <hugepages>
+ <page size='2048' unit='KiB' nodeset='1'/>
+ </hugepages>
+ </memoryBacking>
+ <vcpu placement='static'>2</vcpu>
+ <os>
+ <type arch='i686' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-i686</emulator>
+ <disk type='block' device='disk'>
+ <driver name='qemu' type='raw'/>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='hda' bus='ide'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='usb' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
+ </controller>
+ <controller type='ide' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+ </controller>
+ <controller type='pci' index='0' model='pci-root'/>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <memballoon model='virtio'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+ </memballoon>
+ </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 78454acb1a..19801953e5 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -937,6 +937,9 @@ mymain(void)
DO_TEST("hugepages-pages7",
QEMU_CAPS_DEVICE_PC_DIMM, QEMU_CAPS_OBJECT_MEMORY_FILE,
QEMU_CAPS_OBJECT_MEMORY_FILE_DISCARD);
+ DO_TEST_FAILURE("hugepages-pages8",
+ QEMU_CAPS_DEVICE_PC_DIMM, QEMU_CAPS_OBJECT_MEMORY_FILE,
+ QEMU_CAPS_OBJECT_MEMORY_FILE_DISCARD);
DO_TEST("hugepages-memaccess", QEMU_CAPS_OBJECT_MEMORY_FILE,
QEMU_CAPS_OBJECT_MEMORY_RAM, QEMU_CAPS_DEVICE_PC_DIMM,
QEMU_CAPS_NUMA);
--
2.16.1
6 years, 7 months
[libvirt] [RFC PATCH 0/4] qemu: Forbid old qcow2 encryption
by Peter Krempa
This applies on top of the text monitor cleanup. See explanation in 3/4
for justification.
Peter Krempa (4):
tests: qemublock: Switch to qcow2+luks in test files
tests: qemu: Modernize/remove qcow2 encryption from tests not related
to storage
qemu: domain: Forbid storage with old QCOW2 encryption
qemu: Remove code for setting up disk passphrases
src/qemu/qemu_domain.c | 20 ++--
src/qemu/qemu_monitor.c | 13 ---
src/qemu/qemu_monitor.h | 4 -
src/qemu/qemu_monitor_json.c | 28 ------
src/qemu/qemu_monitor_json.h | 4 -
src/qemu/qemu_process.c | 103 ---------------------
.../file-qcow2-backing-chain-encryption.json | 2 +-
.../file-qcow2-backing-chain-encryption.xml | 2 +-
...etwork-qcow2-backing-chain-encryption_auth.json | 2 +-
...network-qcow2-backing-chain-encryption_auth.xml | 2 +-
tests/qemumonitorjsontest.c | 2 -
tests/qemuxml2argvdata/encrypted-disk-usage.args | 8 +-
tests/qemuxml2argvdata/encrypted-disk-usage.xml | 2 +-
tests/qemuxml2argvdata/encrypted-disk.args | 8 +-
tests/qemuxml2argvdata/encrypted-disk.xml | 2 +-
tests/qemuxml2argvdata/interface-server.xml | 3 -
tests/qemuxml2argvdata/user-aliases.args | 8 +-
tests/qemuxml2argvdata/user-aliases.xml | 2 +-
tests/qemuxml2argvtest.c | 7 +-
tests/qemuxml2xmloutdata/encrypted-disk.xml | 2 +-
tests/qemuxml2xmloutdata/interface-server.xml | 3 -
tests/qemuxml2xmltest.c | 6 +-
22 files changed, 50 insertions(+), 183 deletions(-)
--
2.16.2
6 years, 7 months
[libvirt] [PATCH 0/2] Add NUMA support to virshAllocpagesPagesizeCompleter
by Roland Schulz
This is a follow up to my previous patch in which I added
virshAllocpagesPagesizeCompleter.
These patches will add support for different NUMA cells, which was tried and
tested by changing default test capabilities.
Roland Schulz (2):
Add NUMA support to virshAllocpagesPagesizeCompleter.
Edit test capabilities to contain different cell pagesizes.
src/test/test_driver.c | 11 +++++++----
tools/virsh-completer.c | 15 ++++++++++++++-
tools/virsh-host.c | 2 +-
3 files changed, 22 insertions(+), 6 deletions(-)
--
2.17.0
6 years, 7 months
[libvirt] [PATCH v5 00/11] Add support for TPM emulator
by Stefan Berger
This series of patches adds support for the TPM emulator backend that
is available in QEMU and based on swtpm + libtpms. It allows to attach a
TPM 1.2 or 2 to a QEMU VM. sVirt labels are used for labeling the swtpm
process, its Unix socket, and log file with the same label that the
QEMU process gets. Besides that swtpm is added to the emulator cgroup to
restrict its CPU usage.
The device XML can be changed from a TPM 1.2 to a TPM 2 and back to a
TPM 1.2. The device state is not removed during those changes but only
when the domain is undefined.
The swtpm needs persistent storage to store its state. For that I am
using the uuid of the VM as part of the path since the name of the VM
can be changed. Logfiles, PID files, and socket names are based on the
name of the VM, though.
Stefan
v4->v5:
- Addressed John Ferlan's, Boris Fiuczysnki's and Marc Hartmayer's comments
- rebased on latest tip
v3->v4:
- Addressed John Ferlan's comments
- Fixed bugs I found while testing
- rebased on latest tip
Stefan Berger (11):
conf: Add support for external swtpm TPM emulator to domain XML
qemu: Extend QEMU capabilities with 'tpm-emulator'
util: Implement virFileChownFiles()
security: Add DAC and SELinux security for tpm-emulator
qemu: Extend qemu_conf with tpm-emulator support
qemu: Extend QEMU with external TPM support
qemu: Add support for external swtpm TPM emulator
tests: Add test cases for external swtpm TPM emulator
security: Label the external swtpm with SELinux labels
conf: Add support for choosing emulation of a TPM 2
qemu: Add swtpm to emulator cgroup
docs/formatdomain.html.in | 43 +
docs/schemas/domaincommon.rng | 17 +
libvirt.spec.in | 2 +
src/conf/domain_audit.c | 2 +
src/conf/domain_conf.c | 53 +-
src/conf/domain_conf.h | 12 +
src/libvirt_private.syms | 3 +
src/qemu/Makefile.inc.am | 10 +
src/qemu/libvirtd_qemu.aug | 5 +
src/qemu/qemu.conf | 8 +
src/qemu/qemu_capabilities.c | 5 +
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_cgroup.c | 36 +
src/qemu/qemu_cgroup.h | 2 +
src/qemu/qemu_command.c | 34 +-
src/qemu/qemu_conf.c | 43 +
src/qemu/qemu_conf.h | 6 +
src/qemu/qemu_domain.c | 3 +
src/qemu/qemu_extdevice.c | 177 ++++
src/qemu/qemu_extdevice.h | 59 ++
src/qemu/qemu_migration.c | 3 +
src/qemu/qemu_process.c | 16 +
src/qemu/qemu_security.c | 69 ++
src/qemu/qemu_security.h | 11 +
src/qemu/qemu_tpm.c | 946 +++++++++++++++++++++
src/qemu/qemu_tpm.h | 56 ++
src/qemu/test_libvirtd_qemu.aug.in | 2 +
src/security/security_dac.c | 7 +
src/security/security_driver.h | 7 +
src/security/security_manager.c | 36 +
src/security/security_manager.h | 6 +
src/security/security_selinux.c | 172 ++++
src/security/security_stack.c | 40 +
src/util/virfile.c | 55 ++
src/util/virfile.h | 3 +
tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 1 +
.../tpm-emulator-tpm2.x86_64-latest.args | 33 +
tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 30 +
.../tpm-emulator.x86_64-latest.args | 33 +
tests/qemuxml2argvdata/tpm-emulator.xml | 30 +
tests/qemuxml2argvtest.c | 16 +-
tests/qemuxml2xmloutdata/tpm-emulator-tpm2.xml | 34 +
tests/qemuxml2xmloutdata/tpm-emulator.xml | 34 +
tests/qemuxml2xmltest.c | 1 +
48 files changed, 2156 insertions(+), 10 deletions(-)
create mode 100644 src/qemu/qemu_extdevice.c
create mode 100644 src/qemu/qemu_extdevice.h
create mode 100644 src/qemu/qemu_tpm.c
create mode 100644 src/qemu/qemu_tpm.h
create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2.xml
create mode 100644 tests/qemuxml2argvdata/tpm-emulator.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/tpm-emulator.xml
create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator-tpm2.xml
create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator.xml
--
2.14.3
6 years, 7 months