Re: [libvirt] [PATCH v2 00/12] Add IV Secret Object support

Tuesday, 26 April 2016

On 04/16/2016 10:17 AM, John Ferlan wrote:
...
 v1:
http://www.redhat.com/archives/libvir-list/2016-April/msg00596.html

 Differences since v1:

  - Add qemuBuildiSCSICommandLine (and BuildDiskiSCSI && BuildHostdeviSCSI)
    These will do the magic necessary in order to support IV secret objects
    for the impending iSCSI -drive argument. This API doesn't require any
    qemu patches in order to work AFAICT. I also determined that the "id="
    *isn't* required for an '-iscsi ...' argument, which made using the
    complete 'path' string for 'initiator-name' possible. The other
option
    was to break it up and pass the "iqn.*" string as the initiator-name
    and a "modified" remaining string as the "id=" parameter. The
modified
    would be to ensure only alphanumeric, '-', '.', and '_'
characters are
    in the 'id=' string.

  - Fix up some logic found while actually working through the tests. Some
    of it related to what was found for the 'iscsi' options.  A couple of
    other minor nits.

  - Add tests and mocks for virRandomBytes and gnutls_rnd (note: the former
    could be used to "randomly" (hah!) generate a UUID of all '0xff').
    A mock of 'gnutls_encrypt' is not necessary since, it can only be called
    if the function gnutls_encrypt exists *and* we have a secret object
    capability.  Not having a mock function allows us to validate that
    gnutls_encrypt actually generates a value we expect based on some
    less than stellar and totally non random key's!

  - Remove the hotplug IV code (I've saved it off for future expansion).
    Although not needing to do hotplug probably means patches 6-9 are not
    required, but still I think better than the existing so I kept them
    even though they have nothing to do with IV secrets (they'd need to
    go in after patches 1-5 anyways).

  - Ran the changes through the coverity checker...

 John Ferlan (12):
   qemu: Introduce qemuDomainSecretInfo
   qemu: Introduce qemuDomainSecretPrepare and Destroy
   qemu: Introduce qemuDomainHostdevPrivatePtr
   qemu: Introduce qemuDomainSecretHostdevPrepare and Destroy
   qemu: Use qemuDomainSecretInfoPtr in qemuBuildNetworkDriveURI
   qemu: hotplug: Assume support for -device for attach virtio disk
   qemu: hotplug: Adjust error path for attach scsi disk
   qemu: hotplug: Adjust error path for attach virtio disk
   qemu: hotplug: Adjust error path for attach hostdev scsi disk
   qemu: hotplug: Fix possible memory leak of props
   qemu: Introduce qemuDomainSecretIV
   qemu: Utilize qemu secret objects for SCSI/RBD auth/secret

  configure.ac                                       |   1 +
  src/conf/domain_conf.c                             |  33 +-
  src/conf/domain_conf.h                             |   5 +-
  src/lxc/lxc_native.c                               |   4 +-
  src/qemu/qemu_alias.c                              |  23 +
  src/qemu/qemu_alias.h                              |   2 +
  src/qemu/qemu_command.c                            | 445 ++++++++++++++----
  src/qemu/qemu_command.h                            |  13 +-
  src/qemu/qemu_domain.c                             | 516 ++++++++++++++++++++-
  src/qemu/qemu_domain.h                             |  81 +++-
  src/qemu/qemu_driver.c                             |  13 +-
  src/qemu/qemu_hotplug.c                            | 247 +++++-----
  src/qemu/qemu_hotplug.h                            |   4 +-
  src/qemu/qemu_parse_command.c                      |   4 +-
  src/qemu/qemu_process.c                            |  13 +-
  src/vbox/vbox_common.c                             |   4 +-
  src/xenconfig/xen_common.c                         |   4 +-
  src/xenconfig/xen_sxpr.c                           |   4 +-
  ...uxml2argv-disk-drive-network-iscsi-auth-IV.args |  39 ++
  ...muxml2argv-disk-drive-network-iscsi-auth-IV.xml |  43 ++
  ...emuxml2argv-disk-drive-network-rbd-auth-IV.args |  31 ++
  ...qemuxml2argv-disk-drive-network-rbd-auth-IV.xml |  42 ++
  ...emuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args |  41 ++
  ...qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml |  48 ++
  ...xml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args |  43 ++
  ...uxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml |  48 ++
  tests/qemuxml2argvmock.c                           |  31 +-
  tests/qemuxml2argvtest.c                           |  19 +
  tests/virhostdevtest.c                             |   3 +-
  29 files changed, 1557 insertions(+), 247 deletions(-)
  create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.args
  create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.xml
  create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.args
  create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.xml
  create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args
  create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml
  create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args
  create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml

ping?

Note there are parts of this that will repeat Peter's just posted series
to remove QEMU_CAPS_DEVICE from qemu_hotplug.c.

Even if the IV specific portions of this change (last two patches) don't
make the release, it still would be "nice" to get the rest in...

Tks -

John

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [libvirt] [PATCH v2 00/12] Add IV Secret Object support