From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 08:51:46 -0400
Message-Id: <20170914125156.1607-2-jferlan@redhat.com>
In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com>
Subject: [libvirt] [PATCH v8 01/11] qemu: Detect support for vxhs

Using the query-qmp-schema introspection - look for the 'vxhs' blockdevOptions type.

NB: This is a "best effort" type situation as there is not a mechanism to determine whether the running QEMU has been built with '--enable-vxhs'. All we can do is check if the option to use vxhs for a blockdev-add exists in the command infrastructure which does not take that into account when building its table of commands and options.

Signed-off-by: John Ferlan
---
 src/qemu/qemu_capabilities.c                      | 4 ++++
 src/qemu/qemu_capabilities.h                      | 3 +++
 tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml | 1 +
 3 files changed, 8 insertions(+)

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index c690cb349..2486d2015 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c
@@ -439,6 +439,9 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST, "virtio-net.tx_queue_size", "chardev-reconnect", "virtio-gpu.max_outputs", + + /* 270 */ + "vxhs", ); =20 =20 @@ -1810,6 +1813,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsObjec= tPropsIntelIOMMU[] =3D { static struct virQEMUCapsStringFlags virQEMUCapsQMPSchemaQueries[] =3D { { "blockdev-add/arg-type/options/+gluster/debug-level", QEMU_CAPS_GLUS= TER_DEBUG_LEVEL}, { "blockdev-add/arg-type/+gluster/debug", QEMU_CAPS_GLUSTER_DEBUG_LEVE= L}, + { "blockdev-add/arg-type/+vxhs", QEMU_CAPS_VXHS}, }; =20 struct virQEMUCapsObjectTypeProps { diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 85c390abf..2a0e9c743 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -426,6 +426,9 @@ typedef enum { QEMU_CAPS_CHARDEV_RECONNECT, /* -chardev reconnect */ QEMU_CAPS_VIRTIO_GPU_MAX_OUTPUTS, /* -device virtio-(vga|gpu-*),max-ou= tputs=3D */ =20 + /* 270 */ + QEMU_CAPS_VXHS, /* -drive file.driver=3Dvxhs via query-qmp-schema */ + QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; =20 diff --git a/tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml b/tests/qemu= capabilitiesdata/caps_2.10.0.x86_64.xml index 604921122..8a31431c0 100644 --- a/tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml 
@@ -222,6 +222,7 @@ + 2010000 0 (v2.10.0) --=20 2.13.5
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
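Review bot: The comment on QEMU_CAPS_VXHS in the qemu_capabilities.h hunk (@@ -426,6 +426,9 @@) should carry the caveat that the commit message spells out. The "blockdev-add/arg-type/+vxhs" schema query added to virQEMUCapsQMPSchemaQueries only shows that the option exists in the QMP schema, not that this QEMU was built with '--enable-vxhs', yet "/* -drive file.driver=vxhs via query-qmp-schema */" reads as a definitive feature test. A caller that gates a vxhs disk on this flag alone can still see the guest fail at start, so please extend the comment to say the detection is best effort; that way the limitation is visible next to the flag and not only in the commit log.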
From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 08:51:47 -0400
Message-Id: <20170914125156.1607-3-jferlan@redhat.com>
In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com>
Subject: [libvirt] [PATCH v8 02/11] storage: Introduce VIR_STORAGE_NET_PROTOCOL_VXHS

From: Ashish Mittal

Add a new virStorageNetProtocol for Veritas HyperScale (VxHS) disks

Signed-off-by: Ashish Mittal
Signed-off-by: John Ferlan
---
 src/libxl/libxl_conf.c        | 1 +
 src/qemu/qemu_block.c         | 1 +
 src/qemu/qemu_command.c       | 1 +
 src/qemu/qemu_driver.c        | 3 +++
 src/qemu/qemu_parse_command.c | 1 +
 src/util/virstoragefile.c     | 5 ++++-
 src/util/virstoragefile.h     | 1 +
 src/xenconfig/xen_xl.c        | 1 +
 8 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index 4416a09dd..34233a955 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c
@@ -666,6 +666,7 @@ libxlMakeNetworkDiskSrcStr(virStorageSourcePtr src, case VIR_STORAGE_NET_PROTOCOL_GLUSTER: case VIR_STORAGE_NET_PROTOCOL_SHEEPDOG: case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: case VIR_STORAGE_NET_PROTOCOL_NONE: virReportError(VIR_ERR_NO_SUPPORT, diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index 7fb12ea5a..d07269f4e 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -522,6 +522,7 @@ qemuBlockStorageSourceGetBackendProps(virStorageSourceP= tr src) case VIR_STORAGE_NET_PROTOCOL_FTPS: case VIR_STORAGE_NET_PROTOCOL_TFTP: case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_NONE: case VIR_STORAGE_NET_PROTOCOL_LAST: break; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index d553df57f..720530daa 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -999,6 +999,7 @@ qemuBuildNetworkDriveStr(virStorageSourcePtr src, _("'ssh' protocol is not yet supported")); goto cleanup; =20 + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: case VIR_STORAGE_NET_PROTOCOL_NONE: virReportError(VIR_ERR_INTERNAL_ERROR, diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index b334cf20b..d299938c5 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -13838,6 +13838,7 @@ qemuDomainSnapshotPrepareDiskExternalBackingInactiv= e(virDomainDiskDefPtr disk) case VIR_STORAGE_NET_PROTOCOL_FTPS: case VIR_STORAGE_NET_PROTOCOL_TFTP: case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: virReportError(VIR_ERR_INTERNAL_ERROR, _("external inactive snapshots are not supporte= d on " 
@@ -13901,6 +13902,7 @@ qemuDomainSnapshotPrepareDiskExternalOverlayActive(= virDomainSnapshotDiskDefPtr d case VIR_STORAGE_NET_PROTOCOL_FTPS: case VIR_STORAGE_NET_PROTOCOL_TFTP: case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: virReportError(VIR_ERR_INTERNAL_ERROR, _("external active snapshots are not supported = on " @@ -14046,6 +14048,7 @@ qemuDomainSnapshotPrepareDiskInternal(virConnectPtr= conn, case VIR_STORAGE_NET_PROTOCOL_FTPS: case VIR_STORAGE_NET_PROTOCOL_TFTP: case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: virReportError(VIR_ERR_INTERNAL_ERROR, _("internal inactive snapshots are not supporte= d on " diff --git a/src/qemu/qemu_parse_command.c b/src/qemu/qemu_parse_command.c index 8cb96a24a..9190a37ba 100644 --- a/src/qemu/qemu_parse_command.c +++ b/src/qemu/qemu_parse_command.c @@ -2026,6 +2026,7 @@ qemuParseCommandLine(virCapsPtr caps, case VIR_STORAGE_NET_PROTOCOL_FTPS: case VIR_STORAGE_NET_PROTOCOL_TFTP: case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: case VIR_STORAGE_NET_PROTOCOL_NONE: /* ignored for now */ diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index e94ad32f0..ca306c27b 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -85,7 +85,8 @@ VIR_ENUM_IMPL(virStorageNetProtocol, VIR_STORAGE_NET_PROT= OCOL_LAST, "ftp", "ftps", "tftp", - "ssh") + "ssh", + "vxhs") =20 VIR_ENUM_IMPL(virStorageNetHostTransport, VIR_STORAGE_NET_HOST_TRANS_LAST, "tcp", @@ -2712,6 +2713,7 @@ virStorageSourceParseBackingColon(virStorageSourcePtr= src, case VIR_STORAGE_NET_PROTOCOL_ISCSI: case VIR_STORAGE_NET_PROTOCOL_GLUSTER: case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_VXHS: virReportError(VIR_ERR_INTERNAL_ERROR, _("malformed backing store path for protocol %s"), protocol); 
@@ -3992,6 +3994,7 @@ virStorageSourceNetworkDefaultPort(virStorageNetProto= col protocol) /* we don't provide a default for RBD */ return 0; =20 + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: case VIR_STORAGE_NET_PROTOCOL_NONE: return 0; diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h index 6c388b1a5..f7e897f25 100644 --- a/src/util/virstoragefile.h +++ b/src/util/virstoragefile.h @@ -134,6 +134,7 @@ typedef enum { VIR_STORAGE_NET_PROTOCOL_FTPS, VIR_STORAGE_NET_PROTOCOL_TFTP, VIR_STORAGE_NET_PROTOCOL_SSH, + VIR_STORAGE_NET_PROTOCOL_VXHS, =20 VIR_STORAGE_NET_PROTOCOL_LAST } virStorageNetProtocol; diff --git a/src/xenconfig/xen_xl.c b/src/xenconfig/xen_xl.c index d168d3fa4..8acbfe3f6 100644 --- a/src/xenconfig/xen_xl.c +++ b/src/xenconfig/xen_xl.c 
@@ -1024,6 +1024,7 @@ xenFormatXLDiskSrcNet(virStorageSourcePtr src) case VIR_STORAGE_NET_PROTOCOL_GLUSTER: case VIR_STORAGE_NET_PROTOCOL_SHEEPDOG: case VIR_STORAGE_NET_PROTOCOL_SSH: + case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: case VIR_STORAGE_NET_PROTOCOL_NONE: virReportError(VIR_ERR_NO_SUPPORT, --=20 2.13.5
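Review bot: In the qemu_command.c hunk (@@ -999,6 +999,7 @@, qemuBuildNetworkDriveStr) the new VIR_STORAGE_NET_PROTOCOL_VXHS case is grouped with _LAST and _NONE and is therefore reported through VIR_ERR_INTERNAL_ERROR, while the ssh case directly above it gets a dedicated "'ssh' protocol is not yet supported" message. Since this same patch adds "vxhs" to the VIR_ENUM_IMPL(virStorageNetProtocol, ...) strings, the value is no longer an impossible one at this switch. At this point in the series it should get the same kind of "not yet supported" error as ssh, or the commit message should say that a later patch replaces this case, so that a bisect landing here does not report a user's configuration as an internal error.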
From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 08:51:48 -0400
Message-Id: <20170914125156.1607-4-jferlan@redhat.com>
In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com>
Subject: [libvirt] [PATCH v8 03/11] docs: Add schema and docs for Veritas HyperScale (VxHS)

From: Ashish Mittal

Alter the schema to allow a VxHS block device. Sample XML is:

eb90327c-8302-4725-9e1b-4e85ed4dc251

Update the html docs to describe the capability for VxHS. Alter the qemuxml2xmltest to validate the formatting.

Signed-off-by: Ashish Mittal
Signed-off-by: John Ferlan
---
 docs/formatdomain.html.in                          | 15 ++++++++--
 docs/schemas/domaincommon.rng                      | 13 +++++++++
 .../qemuxml2argv-disk-drive-network-vxhs.xml       | 32 ++++++++++++++++++++
 .../qemuxml2xmlout-disk-drive-network-vxhs.xml     | 34 ++++++++++++++++++++++
 tests/qemuxml2xmltest.c                            | 1 +
 5 files changed, 92 insertions(+), 3 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-vxhs.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-drive-network-vxhs.xml

diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 8ca7637a4..446ffff4c 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2520,9 +2520,9 @@
The protocol attribute specifies the protocol to access to the requested image. Possible values are "nbd", - "iscsi", "rbd", "sheepdog" or "gluster". If the - protocol attribute is "rbd", "sheepdog" or - "gluster", an additional attribute name is + "iscsi", "rbd", "sheepdog", "gluster" or "vxhs". If the + protocol attribute is "rbd", "sheepdog", "glust= er" + or "vxhs", an additional attribute name is mandatory to specify which volume/image will be used. For "n= bd", the name attribute is optional. For "iscsi" (since 1.0.4), the name @@ -2530,6 +2530,9 @@ target's name by a slash (e.g., iqn.2013-07.com.example:iscsi-pool/1). If not specified, the default LUN is zero. + For "vxhs" (since 3.8.0), the + name is the UUID of the volume, assigned by the + HyperScale server. Since 0.8.7
volume
@@ -2632,6 +2635,12 @@ one or more (Since 2.1.0= ), just one prior to that 24007 + + vxhs + a server running Veritas HyperScale daemon + only one + 9999 +

gluster supports "tcp", "rdma", "unix" as valid values for the diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index c9a4f7a9a..76852abb3 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -1636,6 +1636,18 @@ =20 + + + + + vxhs + + + + + + + network @@ -1646,6 +1658,7 @@ + =20 diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-vxhs.xm= l b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-vxhs.xml new file mode 100644 index 000000000..4f4df2f9e --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-vxhs.xml @@ -0,0 +1,32 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219136 + 219136 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + eb90327c-8302-4725-9e1b-4e85ed4dc251 +

+ + + + + + + + diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-drive-network-vxh= s.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-drive-network-vxhs.xml new file mode 100644 index 000000000..160ed8d5f --- /dev/null +++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-drive-network-vxhs.xml @@ -0,0 +1,34 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219136 + 219136 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + eb90327c-8302-4725-9e1b-4e85ed4dc251 +
+ + +
+ + + + + + + diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 0a87cedf2..8b7577fd3 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c 
@@ -474,6 +474,7 @@ mymain(void) DO_TEST("disk-drive-network-rbd-ipv6", NONE); DO_TEST("disk-drive-network-rbd-ceph-env", NONE); DO_TEST("disk-drive-network-sheepdog", NONE); + DO_TEST("disk-drive-network-vxhs", NONE); DO_TEST("disk-scsi-device", QEMU_CAPS_NODEFCONFIG, QEMU_CAPS_SCSI_LSI); DO_TEST("disk-scsi-vscsi", NONE); --=20 2.13.5
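Review bot: The host table row added in the docs/formatdomain.html.in hunk (@@ -2632,6 +2635,12 @@) documents 9999 as the default vxhs port, but at this point in the series virStorageSourceNetworkDefaultPort() still returns 0 for VIR_STORAGE_NET_PROTOCOL_VXHS (patch 02); the "return 9999;" only arrives in patch 04. Please move the default-port change into this patch or into 02 so that documentation and behaviour agree at every commit. The same row states "only one" host; please confirm that the grammar or the parser rejects a second host element for vxhs and does not silently ignore it, since the docs now promise that limit.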
From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 08:51:49 -0400
Message-Id: <20170914125156.1607-5-jferlan@redhat.com>
In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com>
Subject: [libvirt] [PATCH v8 04/11] util: storage: Add JSON backing volume parse for VxHS

From: Ashish Mittal

Add the backing parse and a test case to verify parsing of VxHS backing storage.

Signed-off-by: Ashish Mittal
Signed-off-by: John Ferlan
---
 src/util/virstoragefile.c | 37 +++++++++++++++++++++++++++++++++++++
 tests/virstoragetest.c    | 11 +++++++++++
 2 files changed, 48 insertions(+)
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index ca306c27b..ba2045369 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -3212,6 +3212,40 @@ virStorageSourceParseBackingJSONRaw(virStorageSource= Ptr src, return virStorageSourceParseBackingJSONInternal(src, json); } =20 + +static int +virStorageSourceParseBackingJSONVxHS(virStorageSourcePtr src, + virJSONValuePtr json, + int opaque ATTRIBUTE_UNUSED) +{ + const char *vdisk_id =3D virJSONValueObjectGetString(json, "vdisk-id"); + virJSONValuePtr server =3D virJSONValueObjectGetObject(json, "server"); + + if (!vdisk_id || !server) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("missing 'vdisk-id' or 'server' attribute in " + "JSON backing definition for VxHS volume")); + return -1; + } + + src->type =3D VIR_STORAGE_TYPE_NETWORK; + src->protocol =3D VIR_STORAGE_NET_PROTOCOL_VXHS; + + if (VIR_STRDUP(src->path, vdisk_id) < 0) + return -1; + + if (VIR_ALLOC_N(src->hosts, 1) < 0) + return -1; + src->nhosts =3D 1; + + if (virStorageSourceParseBackingJSONInetSocketAddress(src->hosts, + server) < 0) + return -1; + + return 0; +} + + struct virStorageSourceJSONDriverParser { const char *drvname; int (*func)(virStorageSourcePtr src, virJSONValuePtr json, int opaque); @@ -3234,6 +3268,7 @@ static const struct virStorageSourceJSONDriverParser = jsonParsers[] =3D { {"ssh", virStorageSourceParseBackingJSONSSH, 0}, {"rbd", virStorageSourceParseBackingJSONRBD, 0}, {"raw", virStorageSourceParseBackingJSONRaw, 0}, + {"vxhs", virStorageSourceParseBackingJSONVxHS, 0}, }; =20 =20 @@ -3995,6 +4030,8 @@ virStorageSourceNetworkDefaultPort(virStorageNetProto= col protocol) return 0; =20 case VIR_STORAGE_NET_PROTOCOL_VXHS: + return 9999; + case VIR_STORAGE_NET_PROTOCOL_LAST: case VIR_STORAGE_NET_PROTOCOL_NONE: return 0; diff --git a/tests/virstoragetest.c b/tests/virstoragetest.c index 60e3164b0..ffebd4dc1 100644 --- a/tests/virstoragetest.c +++ b/tests/virstoragetest.c 
@@ -1592,6 +1592,17 @@ mymain(void) "\n" " \n" "\n"); + TEST_BACKING_PARSE("json:{\"file\":{\"driver\":\"vxhs\"," + "\"vdisk-id\":\"c6718f6b-0401-441d-= a8c3-1f0064d75ee0\"," + "\"server\": { \"type\":\"tcp\"," + "\"host\":\"example.= com\"," + "\"port\":\"9999\"" + "}" + "}" + "}", + "\n" + " \n" + "\n"); #endif /* WITH_YAJL */ =20 cleanup: --=20 2.13.5
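Review bot: In virStorageSourceParseBackingJSONVxHS() (src/util/virstoragefile.c, @@ -3212,6 +3212,40 @@) the "vdisk-id" string is copied into src->path with VIR_STRDUP without any check on its form, although patch 03 documents the vxhs name as the UUID of the volume. This parser handles a backing store definition, which is read from image metadata and not from the administrator's domain XML, so the value deserves validation before it is stored. Rejecting anything that does not parse as a UUID (virUUIDParse() would do) with VIR_ERR_INVALID_ARG is the simplest fix; if free-form ids must be accepted, a comment saying so would explain the difference from the documented format.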
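Review bot: The TEST_BACKING_PARSE case added in tests/virstoragetest.c (@@ -1592,6 +1592,17 @@) covers only well-formed input, so the explicit failure branch in the new parser ("missing 'vdisk-id' or 'server' attribute in JSON backing definition for VxHS volume") is never exercised. Please add one negative case with "vdisk-id" omitted and one with "server" omitted, so a later change to the parser cannot start accepting a half-specified VxHS backing definition without a test failing.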
From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 08:51:50 -0400
Message-Id: <20170914125156.1607-6-jferlan@redhat.com>
In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com>
Subject: [libvirt] [PATCH v8 05/11] qemu: Refactor qemuBlockStorageSourceBuildHostsJSONSocketAddress

From: Ashish Mittal

Extract out the "guts" of building a server entry into its own separately callable/usable function in order to allow building a server entry for a consumer with src->nhosts == 1.

Signed-off-by: John Ferlan
---
 src/qemu/qemu_block.c | 106 +++++++++++++++++++++++++++++++++-----------------
 1 file changed, 70 insertions(+), 36 deletions(-)
diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index d07269f4e..c97b787c5 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c 
@@ -380,6 +380,74 @@ qemuBlockGetNodeData(virJSONValuePtr data) =20 =20 /** + * qemuBlockStorageSourceBuildJSONSocketAddress + * @host: the virStorageNetHostDefPtr definition to build + * @legacy: use 'tcp' instead of 'inet' for compatibility reasons + * + * Formats @hosts into a json object conforming to the 'SocketAddress' type + * in qemu. + * + * This function can be used when only 1 src->nhosts is expected in order + * to build a command without the array indices after "server.". That is + * to see "server.type", "server.host", and "server.port" instead of + * "server.#.type", "server.#.host", and "server.#.port". + * + * Returns a virJSONValuePtr for a single server. + */ +static virJSONValuePtr +qemuBlockStorageSourceBuildJSONSocketAddress(virStorageNetHostDefPtr host, + bool legacy) +{ + virJSONValuePtr server =3D NULL; + virJSONValuePtr ret =3D NULL; + const char *transport; + char *port =3D NULL; + + switch ((virStorageNetHostTransport) host->transport) { + case VIR_STORAGE_NET_HOST_TRANS_TCP: + if (legacy) + transport =3D "tcp"; + else + transport =3D "inet"; + + if (virAsprintf(&port, "%u", host->port) < 0) + goto cleanup; + + if (virJSONValueObjectCreate(&server, + "s:type", transport, + "s:host", host->name, + "s:port", port, + NULL) < 0) + goto cleanup; + break; + + case VIR_STORAGE_NET_HOST_TRANS_UNIX: + if (virJSONValueObjectCreate(&server, + "s:type", "unix", + "s:socket", host->socket, + NULL) < 0) + goto cleanup; + break; + + case VIR_STORAGE_NET_HOST_TRANS_RDMA: + case VIR_STORAGE_NET_HOST_TRANS_LAST: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("transport protocol '%s' is not yet supported"), + virStorageNetHostTransportTypeToString(host->transp= ort)); + goto cleanup; + } + + VIR_STEAL_PTR(ret, server); + + cleanup: + VIR_FREE(port); + virJSONValueFree(server); + + return ret; +} + + +/** * qemuBlockStorageSourceBuildHostsJSONSocketAddress: * @src: disk storage source * @legacy: use 'tcp' instead of 'inet' for compatibility reasons 
@@ -395,8 +463,6 @@ qemuBlockStorageSourceBuildHostsJSONSocketAddress(virSt= orageSourcePtr src, virJSONValuePtr server =3D NULL; virJSONValuePtr ret =3D NULL; virStorageNetHostDefPtr host; - const char *transport; - char *port =3D NULL; size_t i; =20 if (!(servers =3D virJSONValueNewArray())) @@ -405,39 +471,8 @@ qemuBlockStorageSourceBuildHostsJSONSocketAddress(virS= torageSourcePtr src, for (i =3D 0; i < src->nhosts; i++) { host =3D src->hosts + i; =20 - switch ((virStorageNetHostTransport) host->transport) { - case VIR_STORAGE_NET_HOST_TRANS_TCP: - if (legacy) - transport =3D "tcp"; - else - transport =3D "inet"; - - if (virAsprintf(&port, "%u", host->port) < 0) - goto cleanup; - - if (virJSONValueObjectCreate(&server, - "s:type", transport, - "s:host", host->name, - "s:port", port, - NULL) < 0) - goto cleanup; - break; - - case VIR_STORAGE_NET_HOST_TRANS_UNIX: - if (virJSONValueObjectCreate(&server, - "s:type", "unix", - "s:socket", host->socket, - NULL) < 0) - goto cleanup; - break; - - case VIR_STORAGE_NET_HOST_TRANS_RDMA: - case VIR_STORAGE_NET_HOST_TRANS_LAST: - virReportError(VIR_ERR_INTERNAL_ERROR, - _("transport protocol '%s' is not yet supported= "), - virStorageNetHostTransportTypeToString(host->tr= ansport)); - goto cleanup; - } + if (!(server =3D qemuBlockStorageSourceBuildJSONSocketAddress(host= , legacy))) + goto cleanup; =20 if (virJSONValueArrayAppend(servers, server) < 0) goto cleanup; 
@@ -450,7 +485,6 @@ qemuBlockStorageSourceBuildHostsJSONSocketAddress(virSt= orageSourcePtr src, cleanup: virJSONValueFree(servers); virJSONValueFree(server); - VIR_FREE(port); =20 return ret; } --=20 2.13.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Apr 28 14:42:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1505394992018356.84230109137627; Thu, 14 Sep 2017 06:16:32 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A2E57C0587F5; Thu, 14 Sep 2017 13:16:30 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8332F58844; Thu, 14 Sep 2017 13:16:30 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 41DDB1843762; Thu, 14 Sep 2017 13:16:30 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v8ECq7fS012513 for ; Thu, 14 Sep 2017 08:52:07 -0400 Received: by smtp.corp.redhat.com (Postfix) id 1F59A67C69; Thu, 14 Sep 2017 12:52:07 +0000 (UTC) Received: from localhost.localdomain.com 
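Review bot: The doc comment of the new qemuBlockStorageSourceBuildJSONSocketAddress() in src/qemu/qemu_block.c refers to @hosts although the parameter is @host, and its name line lacks the trailing colon that the comment for qemuBlockStorageSourceBuildHostsJSONSocketAddress: directly below uses. In the same function the switch casts host->transport to the enum but has no path for a value outside the listed cases: server then stays NULL, VIR_STEAL_PTR leaves ret NULL, and the caller gets a failure with no virReportError behind it. Reporting an internal error when server is still NULL after the switch would make that failure diagnosable.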
(ovpn-117-114.phx2.redhat.com [10.3.117.114]) by smtp.corp.redhat.com (Postfix) with ESMTP id DADA44F9AB for ; Thu, 14 Sep 2017 12:52:06 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com A2E57C0587F5 Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=libvir-list-bounces@redhat.com From: John Ferlan To: libvir-list@redhat.com Date: Thu, 14 Sep 2017 08:51:51 -0400 Message-Id: <20170914125156.1607-7-jferlan@redhat.com> In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com> References: <20170914125156.1607-1-jferlan@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v8 06/11] qemu: Add qemu command line generation for a VxHS block device X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Thu, 14 Sep 2017 13:16:31 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" 
From: Ashish Mittal The VxHS block device will only use the newer formatting options and avoid the legacy URI syntax. An excerpt for a sample QEMU command line is: -drive file.driver=3Dvxhs,file.vdisk-id=3Deb90327c-8302-4725-9e1b-4e85ed4= dc251,\ file.server.type=3Dtcp,file.server.host=3D192.168.0.1,\ file.server.port=3D9999,format=3Draw,if=3Dnone,id=3Ddrive-virtio-disk0,c= ache=3Dnone \ -device virtio-blk-pci,bus=3Dpci.0,addr=3D0x4,drive=3Ddrive-virtio-disk0,\ id=3Dvirtio-disk0 Update qemuxml2argvtest with a simple test. Signed-off-by: Ashish Mittal Signed-off-by: John Ferlan --- src/qemu/qemu_block.c | 37 ++++++++++++++++++= +++- src/qemu/qemu_command.c | 10 +++++- src/qemu/qemu_parse_command.c | 16 +++++++++- src/qemu/qemu_process.c | 29 +++++++++++++++++ .../qemuxml2argv-disk-drive-network-vxhs.args | 27 ++++++++++++++++ tests/qemuxml2argvtest.c | 1 + 6 files changed, 117 insertions(+), 3 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-= vxhs.args diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index c97b787c5..ca6e213b4 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c 
@@ -516,6 +516,37 @@ qemuBlockStorageSourceGetGlusterProps(virStorageSource= Ptr src) } =20 =20 +static virJSONValuePtr +qemuBlockStorageSourceGetVxHSProps(virStorageSourcePtr src) +{ + const char *protocol =3D virStorageNetProtocolTypeToString(src->protoc= ol); + virJSONValuePtr server =3D NULL; + virJSONValuePtr ret =3D NULL; + + if (src->nhosts !=3D 1) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("VxHS protocol accepts only one host")); + return NULL; + } + + if (!(server =3D qemuBlockStorageSourceBuildJSONSocketAddress(src->hos= ts, true))) + return NULL; + + /* VxHS disk specification example: + * { driver:"vxhs", + * vdisk-id:"eb90327c-8302-4725-4e85ed4dc251", + * server:[{type:"tcp", host:"1.2.3.4", port:9999}]} + */ + if (virJSONValueObjectCreate(&ret, + "s:driver", protocol, + "s:vdisk-id", src->path, + "a:server", server, NULL) < 0) + virJSONValueFree(server); + + return ret; +} + + /** * qemuBlockStorageSourceGetBackendProps: * @src: disk source @@ -546,6 +577,11 @@ qemuBlockStorageSourceGetBackendProps(virStorageSource= Ptr src) goto cleanup; break; =20 + case VIR_STORAGE_NET_PROTOCOL_VXHS: + if (!(fileprops =3D qemuBlockStorageSourceGetVxHSProps(src))) + goto cleanup; + break; + case VIR_STORAGE_NET_PROTOCOL_NBD: case VIR_STORAGE_NET_PROTOCOL_RBD: case VIR_STORAGE_NET_PROTOCOL_SHEEPDOG: @@ -556,7 +592,6 @@ qemuBlockStorageSourceGetBackendProps(virStorageSourceP= tr src) case VIR_STORAGE_NET_PROTOCOL_FTPS: case VIR_STORAGE_NET_PROTOCOL_TFTP: case VIR_STORAGE_NET_PROTOCOL_SSH: - case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_NONE: case VIR_STORAGE_NET_PROTOCOL_LAST: break; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 720530daa..0a3278510 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c 
@@ -994,12 +994,16 @@ qemuBuildNetworkDriveStr(virStorageSourcePtr src, ret =3D virBufferContentAndReset(&buf); break; =20 + case VIR_STORAGE_NET_PROTOCOL_VXHS: + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("VxHS protocol does not support URI syntax")); + goto cleanup; + case VIR_STORAGE_NET_PROTOCOL_SSH: virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("'ssh' protocol is not yet supported")); goto cleanup; =20 - case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: case VIR_STORAGE_NET_PROTOCOL_NONE: virReportError(VIR_ERR_INTERNAL_ERROR, @@ -1329,6 +1333,10 @@ qemuDiskSourceNeedsProps(virStorageSourcePtr src) src->nhosts > 1) return true; =20 + if (actualType =3D=3D VIR_STORAGE_TYPE_NETWORK && + src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_VXHS) + return true; + return false; } =20 diff --git a/src/qemu/qemu_parse_command.c b/src/qemu/qemu_parse_command.c index 9190a37ba..6286c2e7a 100644 --- a/src/qemu/qemu_parse_command.c +++ b/src/qemu/qemu_parse_command.c @@ -736,6 +736,11 @@ qemuParseCommandLineDisk(virDomainXMLOptionPtr xmlopt, if (VIR_STRDUP(def->src->path, vdi) < 0) goto error; } + } else if (STRPREFIX(def->src->path, "vxhs:")) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("VxHS protocol does not support URI s= yntax '%s'"), + def->src->path); + goto error; } else { def->src->type =3D VIR_STORAGE_TYPE_FILE; } @@ -1944,6 +1949,10 @@ qemuParseCommandLine(virCapsPtr caps, disk->src->type =3D VIR_STORAGE_TYPE_NETWORK; disk->src->protocol =3D VIR_STORAGE_NET_PROTOCOL_SHEEPDOG; val +=3D strlen("sheepdog:"); + } else if (STRPREFIX(val, "vxhs:")) { + disk->src->type =3D VIR_STORAGE_TYPE_NETWORK; + disk->src->protocol =3D VIR_STORAGE_NET_PROTOCOL_VXHS; + val +=3D strlen("vxhs:"); } else { disk->src->type =3D VIR_STORAGE_TYPE_FILE; } 
@@ -2020,13 +2029,18 @@ qemuParseCommandLine(virCapsPtr caps, goto error; =20 break; + case VIR_STORAGE_NET_PROTOCOL_VXHS: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("VxHS protocol does not support URI " + "syntax '%s'"), disk->src->path); + goto error; + break; case VIR_STORAGE_NET_PROTOCOL_HTTP: case VIR_STORAGE_NET_PROTOCOL_HTTPS: case VIR_STORAGE_NET_PROTOCOL_FTP: case VIR_STORAGE_NET_PROTOCOL_FTPS: case VIR_STORAGE_NET_PROTOCOL_TFTP: case VIR_STORAGE_NET_PROTOCOL_SSH: - case VIR_STORAGE_NET_PROTOCOL_VXHS: case VIR_STORAGE_NET_PROTOCOL_LAST: case VIR_STORAGE_NET_PROTOCOL_NONE: /* ignored for now */ diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 7e9b406b6..099a770e9 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -4578,6 +4578,32 @@ qemuProcessStartValidateShmem(virDomainObjPtr vm) =20 =20 static int +qemuProcessStartValidateDisks(virDomainObjPtr vm, + virQEMUCapsPtr qemuCaps) +{ + size_t i; + + for (i =3D 0; i < vm->def->ndisks; i++) { + virStorageSourcePtr src =3D vm->def->disks[i]->src; + + /* This is a best effort check as we can only check if the command + * option exists, but we cannot determine whether the running QEMU + * was build with '--enable-vxhs'. */ + if (src->type =3D=3D VIR_STORAGE_TYPE_NETWORK && + src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_VXHS && + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_VXHS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("VxHS protocol is not supported with this " + "QEMU binary")); + return -1; + } + } + + return 0; +} + + +static int qemuProcessStartValidateXML(virQEMUDriverPtr driver, virDomainObjPtr vm, virQEMUCapsPtr qemuCaps, @@ -4659,6 +4685,9 @@ qemuProcessStartValidate(virQEMUDriverPtr driver, if (qemuProcessStartValidateShmem(vm) < 0) return -1; =20 + if (qemuProcessStartValidateDisks(vm, qemuCaps) < 0) + return -1; + VIR_DEBUG("Checking for any possible (non-fatal) issues"); =20 qemuProcessStartWarnShmem(vm); 
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-vxhs.ar= gs b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-vxhs.args new file mode 100644 index 000000000..b62ace3de --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-vxhs.args @@ -0,0 +1,27 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/home/test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-x86_64 \ +-name QEMUGuest1 \ +-S \ +-M pc \ +-cpu qemu32 \ +-m 214 \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-nographic \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,path=3D/tmp/lib/domain--1-QEMUGuest1/moni= tor.sock,\ +server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dreadline \ +-no-acpi \ +-boot c \ +-usb \ +-drive file.driver=3Dvxhs,file.vdisk-id=3Deb90327c-8302-4725-9e1b-4e85ed4d= c251,\ +file.server.type=3Dtcp,file.server.host=3D192.168.0.1,file.server.port=3D9= 999,\ +format=3Draw,if=3Dnone,id=3Ddrive-virtio-disk0,cache=3Dnone \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x4,drive=3Ddrive-virtio-disk0,\ +id=3Dvirtio-disk0 diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 2c040e4c0..01a518eff 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c 
@@ -931,6 +931,7 @@ mymain(void) # endif DO_TEST("disk-drive-network-rbd-ipv6", NONE); DO_TEST_FAILURE("disk-drive-network-rbd-no-colon", NONE); + DO_TEST("disk-drive-network-vxhs", QEMU_CAPS_VXHS); DO_TEST("disk-drive-no-boot", QEMU_CAPS_BOOTINDEX); DO_TEST_PARSE_ERROR("disk-device-lun-type-invalid", --=20 2.13.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Apr 28 14:42:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1505395012824578.0823774624289; Thu, 14 Sep 2017 06:16:52 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 91DD1C047B6C; Thu, 14 Sep 2017 13:16:51 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 60DC06F43F; Thu, 14 Sep 2017 13:16:51 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 236AE3FACF; Thu, 14 Sep 2017 13:16:51 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v8ECq7xv012518 for ; Thu, 14 Sep 2017 08:52:07 -0400 Received: by smtp.corp.redhat.com (Postfix) id 
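Review bot: The example in the comment inside qemuBlockStorageSourceGetVxHSProps() (src/qemu/qemu_block.c) does not match what the function builds. It shows server as a one-element array with a numeric port, while qemuBlockStorageSourceBuildJSONSocketAddress() returns a single object whose port is formatted as a string ("s:port"), and the sample command line in the commit message uses file.server.type, file.server.host and file.server.port without an index. The vdisk-id in the comment is also one group shorter than the UUID used in the commit message and in the .args test data. Please correct the example, and add a short comment on why legacy is hard-coded to true in the call.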
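Review bot: In the qemuParseCommandLine() switch (src/qemu/qemu_parse_command.c) the new VIR_STORAGE_NET_PROTOCOL_VXHS case has a break after goto error that can never be reached, and the two parsers treat the same input differently. qemuParseCommandLineDisk() rejects a "vxhs:" prefix immediately, whereas qemuParseCommandLine() first sets type and protocol, advances val past the prefix, and only fails later in the switch. Dropping the break and reporting the error directly in the STRPREFIX(val, "vxhs:") branch would keep both paths consistent and avoid leaving a half-initialised disk source around before the error.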
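Review bot: qemuProcessStartValidateDisks() in src/qemu/qemu_process.c only inspects vm->def->disks[i]->src, so the QEMU_CAPS_VXHS check covers the top-level source of each disk and nothing below it. If a VxHS source can appear further down a disk's backing chain, that case passes this check and would only fail once QEMU is started; either walk the chain or state in the comment that only the top image is validated. The comment also has a typo: "was build with" should read "was built with".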
833E75D963; Thu, 14 Sep 2017 12:52:07 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-117-114.phx2.redhat.com [10.3.117.114]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4C5EE6C95E for ; Thu, 14 Sep 2017 12:52:07 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 91DD1C047B6C Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=libvir-list-bounces@redhat.com From: John Ferlan To: libvir-list@redhat.com Date: Thu, 14 Sep 2017 08:51:52 -0400 Message-Id: <20170914125156.1607-8-jferlan@redhat.com> In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com> References: <20170914125156.1607-1-jferlan@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v8 07/11] conf: Introduce TLS options for VxHS block device clients X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Thu, 14 Sep 2017 13:16:52 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" 
From: Ashish Mittal Add a new TLS X.509 certificate type - "vxhs". This will handle the creation of a TLS certificate capability for properly configured VxHS network block device clients. The following describes the behavior of TLS for VxHS block device: (1) Two new options have been added in /etc/libvirt/qemu.conf to control TLS behavior with VxHS block devices "vxhs_tls" and "vxhs_tls_x509_cert_dir". (2) Setting "vxhs_tls=3D1" in /etc/libvirt/qemu.conf will enable TLS for VxHS block devices. (3) "vxhs_tls_x509_cert_dir" can be set to the full path where the TLS CA certificate and the client certificate and keys are saved. If this value is missing, the "default_tls_x509_cert_dir" will be used instead. If the environment is not configured properly the authentication to the VxHS server will fail. Signed-off-by: Ashish Mittal Signed-off-by: John Ferlan --- src/qemu/libvirtd_qemu.aug | 4 ++++ src/qemu/qemu.conf | 34 ++++++++++++++++++++++++++++++++++ src/qemu/qemu_conf.c | 16 ++++++++++++++++ src/qemu/qemu_conf.h | 3 +++ src/qemu/test_libvirtd_qemu.aug.in | 2 ++ 5 files changed, 59 insertions(+) diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug index e1983d1fd..c19bf3a43 100644 --- a/src/qemu/libvirtd_qemu.aug +++ b/src/qemu/libvirtd_qemu.aug @@ -115,6 +115,9 @@ module Libvirtd_qemu =3D =20 let memory_entry =3D str_entry "memory_backing_dir" =20 + let vxhs_entry =3D bool_entry "vxhs_tls" + | str_entry "vxhs_tls_x509_cert_dir" + (* Each entry in the config is one of the following ... *) let entry =3D default_tls_entry | vnc_entry @@ -133,6 +136,7 @@ module Libvirtd_qemu =3D | nvram_entry | gluster_debug_level_entry | memory_entry + | vxhs_entry =20 let comment =3D [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \= t\n][^\n]*)?/ . del /\n/ "\n" ] let empty =3D [ label "#empty" . eol ] diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index f977e3b71..2d20d790b 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf 
@@ -258,6 +258,40 @@ #chardev_tls_x509_secret_uuid =3D "00000000-0000-0000-0000-000000000000" =20 =20 +# Enable use of TLS encryption for all VxHS network block devices that +# don't specifically disable. +# +# When the VxHS network block device server is set up appropriately, +# x509 certificates are required for authentication between the clients +# (qemu processes) and the remote VxHS server. +# +# It is necessary to setup CA and issue the client certificate before +# enabling this. +# +#vxhs_tls =3D 1 + + +# In order to override the default TLS certificate location for VxHS +# device TCP certificates, supply a valid path to the certificate director= y. +# This is used to authenticate the VxHS block device clients to the VxHS +# server. +# +# If the provided path does not exist then the default_tls_x509_cert_dir +# path will be used. +# +# VxHS block device clients expect the client certificate and key to be +# present in the certificate directory along with the CA master certificat= e. +# If using the default environment, default_tls_x509_verify must be config= ured. +# The server key as well as secret UUID that would decrypt it is not used. +# Thus a VxHS directory must contain the following: +# +# ca-cert.pem - the CA master certificate +# client-cert.pem - the client certificate signed with the ca-cert.pem +# client-key.pem - the client private key +# +#vxhs_tls_x509_cert_dir =3D "/etc/pki/libvirt-vxhs" + + # In order to override the default TLS certificate location for migration # certificates, supply a valid path to the certificate directory. If the # provided path does not exist then the default_tls_x509_cert_dir path diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index ab5f7cc59..bcf798d08 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c 
@@ -283,6 +283,7 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool priv= ileged) SET_TLS_X509_CERT_DEFAULT(spice); SET_TLS_X509_CERT_DEFAULT(chardev); SET_TLS_X509_CERT_DEFAULT(migrate); + SET_TLS_X509_CERT_DEFAULT(vxhs); =20 #undef SET_TLS_X509_CERT_DEFAULT =20 @@ -380,6 +381,8 @@ static void virQEMUDriverConfigDispose(void *obj) VIR_FREE(cfg->chardevTLSx509certdir); VIR_FREE(cfg->chardevTLSx509secretUUID); =20 + VIR_FREE(cfg->vxhsTLSx509certdir); + VIR_FREE(cfg->migrateTLSx509certdir); VIR_FREE(cfg->migrateTLSx509secretUUID); =20 @@ -457,6 +460,7 @@ virQEMUDriverConfigTLSDirResetDefaults(virQEMUDriverCon= figPtr cfg) CHECK_RESET_CERT_DIR_DEFAULT(spice); CHECK_RESET_CERT_DIR_DEFAULT(chardev); CHECK_RESET_CERT_DIR_DEFAULT(migrate); + CHECK_RESET_CERT_DIR_DEFAULT(vxhs); =20 return 0; } @@ -556,6 +560,10 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr= cfg, goto cleanup; if (virConfGetValueBool(conf, "spice_auto_unix_socket", &cfg->spiceAut= oUnixSocket) < 0) goto cleanup; + if (virConfGetValueBool(conf, "vxhs_tls", &cfg->vxhsTLS) < 0) + goto cleanup; + if (virConfGetValueString(conf, "vxhs_tls_x509_cert_dir", &cfg->vxhsTL= Sx509certdir) < 0) + goto cleanup; =20 #define GET_CONFIG_TLS_CERTINFO(val) = \ do { = \ @@ -976,6 +984,14 @@ virQEMUDriverConfigValidate(virQEMUDriverConfigPtr cfg) return -1; } =20 + if (STRNEQ(cfg->vxhsTLSx509certdir, SYSCONFDIR "/pki/qemu") && + !virFileExists(cfg->vxhsTLSx509certdir)) { + virReportError(VIR_ERR_CONF_SYNTAX, + _("vxhs_tls_x509_cert_dir directory '%s' does not e= xist"), + cfg->vxhsTLSx509certdir); + return -1; + } + return 0; } =20 diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index d469b50bd..13b6f818a 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -203,6 +203,9 @@ struct _virQEMUDriverConfig { unsigned int glusterDebugLevel; =20 char *memoryBackingDir; + + bool vxhsTLS; + char *vxhsTLSx509certdir; }; =20 /* Main driver state */ 
diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qe= mu.aug.in index 676d48cf5..688e5b9fd 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in 
@@ -25,6 +25,8 @@ module Test_libvirtd_qemu =3D { "chardev_tls_x509_cert_dir" =3D "/etc/pki/libvirt-chardev" } { "chardev_tls_x509_verify" =3D "1" } { "chardev_tls_x509_secret_uuid" =3D "00000000-0000-0000-0000-000000000000= " } +{ "vxhs_tls" =3D "1" } +{ "vxhs_tls_x509_cert_dir" =3D "/etc/pki/libvirt-vxhs" } { "migrate_tls_x509_cert_dir" =3D "/etc/pki/libvirt-migrate" } { "migrate_tls_x509_verify" =3D "1" } { "migrate_tls_x509_secret_uuid" =3D "00000000-0000-0000-0000-000000000000= " } --=20 2.13.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun Apr 28 14:42:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1505395033792596.4287635374421; Thu, 14 Sep 2017 06:17:13 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 896E5C058EC4; Thu, 14 Sep 2017 13:17:12 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4EEE467594; Thu, 14 Sep 2017 13:17:12 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 1384718045C2; Thu, 14 Sep 2017 13:17:12 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com 
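Review bot: The src/qemu/qemu.conf text for vxhs_tls_x509_cert_dir says that a path which does not exist falls back to default_tls_x509_cert_dir, but the virQEMUDriverConfigValidate() hunk in this same patch returns VIR_ERR_CONF_SYNTAX when the directory does not exist and differs from SYSCONFDIR "/pki/qemu". The commit message describes the fallback as applying when the value is missing, which is what the code does, so the qemu.conf wording should say "if not set" rather than "if the provided path does not exist". The first sentence of the vxhs_tls description is also incomplete ("that don't specifically disable"). Since the text states that no secret UUID is used for this directory, it would help administrators to say what ownership and permissions client-key.pem is expected to have.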
[10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v8ECq7ld012524 for ; Thu, 14 Sep 2017 08:52:07 -0400 Received: by smtp.corp.redhat.com (Postfix) id DB7665D963; Thu, 14 Sep 2017 12:52:07 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-117-114.phx2.redhat.com [10.3.117.114]) by smtp.corp.redhat.com (Postfix) with ESMTP id A53586C928 for ; Thu, 14 Sep 2017 12:52:07 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 896E5C058EC4 Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=libvir-list-bounces@redhat.com From: John Ferlan To: libvir-list@redhat.com Date: Thu, 14 Sep 2017 08:51:53 -0400 Message-Id: <20170914125156.1607-9-jferlan@redhat.com> In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com> References: <20170914125156.1607-1-jferlan@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v8 08/11] util: Add TLS attributes to virStorageSource X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Thu, 14 Sep 2017 13:17:13 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" 
From: Ashish Mittal Add an optional virTristateBool haveTLS to virStorageSource to manage whether a storage source will be using TLS. Sample XML for a VxHS disk: Additionally add a tlsFromConfig boolean to control whether the TLS setting was due to domain configuration or qemu.conf global setting in order to decide whether to Format the haveTLS setting for either a live or saved domain configuration file. Update the qemuxml2xmltest in order to add a test to show the proper parsing. Also update the docs to describe the tls attribute plus clean up the description in the surrounding area to make the information a bit more readable rather than one winding paragraph. Signed-off-by: Ashish Mittal Signed-off-by: John Ferlan --- docs/formatdomain.html.in | 40 ++++++++++++++++--= ---- docs/schemas/domaincommon.rng | 5 +++ src/conf/domain_conf.c | 28 +++++++++++++-- src/util/virstoragefile.c | 2 ++ src/util/virstoragefile.h | 7 ++++ ...emuxml2argv-disk-drive-network-tlsx509-vxhs.xml | 32 +++++++++++++++++ ...uxml2xmlout-disk-drive-network-tlsx509-vxhs.xml | 34 ++++++++++++++++++ tests/qemuxml2xmltest.c | 1 + 8 files changed, 137 insertions(+), 12 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-= tlsx509-vxhs.xml create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-drive-netw= ork-tlsx509-vxhs.xml diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 446ffff4c..26c00674a 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2520,19 +2520,39 @@
The protocol attribute specifies the protocol to access to the requested image. Possible values are "nbd", - "iscsi", "rbd", "sheepdog", "gluster" or "vxhs". If the - protocol attribute is "rbd", "sheepdog", "glust= er" - or "vxhs", an additional attribute name is - mandatory to specify which volume/image will be used. For "n= bd", - the name attribute is optional. For "iscsi" - (since 1.0.4), the name - attribute may include a logical unit number, separated from = the - target's name by a slash (e.g., + "iscsi", "rbd", "sheepdog", "gluster" or "vxhs". + +

If the protocol attribute is "rbd", "sheepdo= g", + "gluster", or "vxhs", an additional attribute name + is mandatory to specify which volume/image will be used. +

+ +

For "nbd", the name attribute is optional. +

+ +

For "iscsi" (since 1.0.4), t= he + name attribute may include a logical unit numbe= r, + separated from the target's name by a slash (e.g., iqn.2013-07.com.example:iscsi-pool/1). If not specified, the default LUN is zero. - For "vxhs" (since 3.8.0), the +

+ +

For "vxhs" (since 3.8.0), the name is the UUID of the volume, assigned by the - HyperScale server. + HyperScale server. Additionally, an optional attribute + tls (QEMU only) can be used to control whether a + VxHS block device would utilize a hypervisor configured TLS + X.509 certificate environment in order to encrypt the data + channel. For the QEMU hypervisor, usage of a TLS environment= can + also be globally controlled on the host by the + vxhs_tls and vxhs_tls_x509_cert_dir or + default_tls_x509_cert_dir settings in the file + /etc/libvirt/qemu.conf. If vxhs_tls is enabled, + then unless the domain tls attribute is set to = "no", + libvirt will use the host configured TLS environment. If the + tls attribute is set to "yes", then regardless = of + the qemu.conf setting, TLS authentication will be attempted. +

Since 0.8.7
volume
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 76852abb3..bac371ea3 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -1644,6 +1644,11 @@ + + + + + diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index a43b25c31..3684454e8 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -8114,6 +8114,7 @@ virDomainDiskSourceParse(xmlNodePtr node, int ret =3D -1; char *protocol =3D NULL; xmlNodePtr saveNode =3D ctxt->node; + char *haveTLS =3D NULL; =20 ctxt->node =3D node; =20 @@ -8147,6 +8148,19 @@ virDomainDiskSourceParse(xmlNodePtr node, goto cleanup; } =20 + /* Check tls=3Dyes|no domain setting for the block device + * At present only VxHS. Other block devices may be added later */ + if (src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_VXHS && + (haveTLS =3D virXMLPropString(node, "tls"))) { + if ((src->haveTLS =3D + virTristateBoolTypeFromString(haveTLS)) <=3D 0) { + virReportError(VIR_ERR_XML_ERROR, + _("unknown disk source 'tls' setting '%s'"), + haveTLS); + goto cleanup; + } + } + /* for historical reasons the volume name for gluster volume is st= ored * as a part of the path. This is hard to work with when dealing w= ith * relative names. Split out the volume into a separate variable */ @@ -8202,6 +8216,7 @@ virDomainDiskSourceParse(xmlNodePtr node, =20 cleanup: VIR_FREE(protocol); + VIR_FREE(haveTLS); ctxt->node =3D saveNode; return ret; } @@ -21669,7 +21684,8 @@ virDomainSourceDefFormatSeclabel(virBufferPtr buf, =20 static int virDomainDiskSourceFormatNetwork(virBufferPtr buf, - virStorageSourcePtr src) + virStorageSourcePtr src, + unsigned int flags) { size_t n; char *path =3D NULL; 
@@ -21686,6 +21702,14 @@ virDomainDiskSourceFormatNetwork(virBufferPtr buf, =20 VIR_FREE(path); =20 + if (src->haveTLS !=3D VIR_TRISTATE_BOOL_ABSENT && + !(flags & VIR_DOMAIN_DEF_FORMAT_MIGRATABLE && + src->tlsFromConfig)) + virBufferAsprintf(buf, " tls=3D'%s'", + virTristateBoolTypeToString(src->haveTLS)); + if (flags & VIR_DOMAIN_DEF_FORMAT_STATUS) + virBufferAsprintf(buf, " tlsFromConfig=3D'%d'", src->tlsFromConfig= ); + if (src->nhosts =3D=3D 0 && !src->snapshot && !src->configFile) { virBufferAddLit(buf, "/>\n"); } else { @@ -21760,7 +21784,7 @@ virDomainDiskSourceFormatInternal(virBufferPtr buf, break; =20 case VIR_STORAGE_TYPE_NETWORK: - if (virDomainDiskSourceFormatNetwork(buf, src) < 0) + if (virDomainDiskSourceFormatNetwork(buf, src, flags) < 0) goto error; break; =20 diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index ba2045369..35f468e35 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -2039,6 +2039,8 @@ virStorageSourceCopy(const virStorageSource *src, ret->physical =3D src->physical; ret->readonly =3D src->readonly; ret->shared =3D src->shared; + ret->haveTLS =3D src->haveTLS; + ret->tlsFromConfig =3D src->tlsFromConfig; =20 /* storage driver metadata are not copied */ ret->drv =3D NULL; diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h index f7e897f25..4817090fc 100644 --- a/src/util/virstoragefile.h +++ b/src/util/virstoragefile.h @@ -281,6 +281,13 @@ struct _virStorageSource { /* metadata that allows identifying given storage source */ char *nodeformat; /* name of the format handler object */ char *nodestorage; /* name of the storage object */ + + /* An optional setting to enable usage of TLS for the storage source */ + int haveTLS; /* enum virTristateBool */ + + /* Indication whether the haveTLS value was altered due to qemu.conf + * setting when haveTLS is missing from the domain config file */ + bool tlsFromConfig; }; =20 =20 
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509= -vxhs.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-= vxhs.xml new file mode 100644 index 000000000..61b5e2e79 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-vxhs.x= ml @@ -0,0 +1,32 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219136 + 219136 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + eb90327c-8302-4725-9e1b-4e85ed4dc251 +
+ + + + + + + + diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-drive-network-tls= x509-vxhs.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-drive-network-= tlsx509-vxhs.xml new file mode 100644 index 000000000..16f0883e0 --- /dev/null +++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-drive-network-tlsx509-vx= hs.xml @@ -0,0 +1,34 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219136 + 219136 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + eb90327c-8302-4725-9e1b-4e85ed4dc251 +
+ + +
+ + + + + + + diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 8b7577fd3..f005163c4 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c 
@@ -475,6 +475,7 @@ mymain(void) DO_TEST("disk-drive-network-rbd-ceph-env", NONE); DO_TEST("disk-drive-network-sheepdog", NONE); DO_TEST("disk-drive-network-vxhs", NONE); + DO_TEST("disk-drive-network-tlsx509-vxhs", NONE); DO_TEST("disk-scsi-device", QEMU_CAPS_NODEFCONFIG, QEMU_CAPS_SCSI_LSI); DO_TEST("disk-scsi-vscsi", NONE); --=20 2.13.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
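Review bot: In the virDomainDiskSourceParse hunk at @@ -8147, the tls attribute is only read when src->protocol is VIR_STORAGE_NET_PROTOCOL_VXHS, so tls='yes' on any other network disk is dropped without an error and the user is left believing the transport is encrypted. Since this is a security setting and schema validation is optional for callers, I'd read the attribute for every network source and report an error for protocols that cannot honour it, instead of skipping the lookup.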
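Review bot: tlsFromConfig is written to the status XML in the virDomainDiskSourceFormatNetwork hunk at @@ -21686, but none of the virDomainDiskSourceParse hunks in this patch read it back, so after a libvirtd restart the flag is lost and a tls value that came from qemu.conf would be formatted into migratable XML as if the user had set it. Please add the matching parse for the status case, and consider emitting the attribute only when src->tlsFromConfig is true, since as written every network disk in status XML gets tlsFromConfig='0'. The test "flags & VIR_DOMAIN_DEF_FORMAT_MIGRATABLE && src->tlsFromConfig" is correct by precedence but would read better with the mask test in its own parentheses.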
From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 08:51:54 -0400
Message-Id: <20170914125156.1607-10-jferlan@redhat.com>
In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com>
References: <20170914125156.1607-1-jferlan@redhat.com>
Subject: [libvirt] [PATCH v8 09/11] qemu: Introduce qemuDomainPrepareDiskSource

Introduce a function to setup any TLS needs for a disk source.

If there's a configuration or other error setting up the disk source for TLS, then cause the domain startup to fail.

For VxHS, follow the chardevTLS model where if the src->haveTLS hasn't been configured, then take the system/global cfg->haveTLS setting for the storage source *and* mark that we've done so via the tlsFromConfig setting in storage source.

Next, if we are using TLS, then generate an alias into a virStorageSource 'tlsAlias' field that will be used to create the TLS object and added to the disk object in order to link the two together for QEMU.

Signed-off-by: John Ferlan
---
 src/qemu/qemu_domain.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++
 src/qemu/qemu_domain.h | 11 ++++++++
 src/qemu/qemu_process.c | 4 +++
 src/util/virstoragefile.c | 5 +++-
 src/util/virstoragefile.h | 6 ++++
 5 files changed, 96 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 05f8e9488..b93b7de63 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -7550,6 +7550,77 @@ qemuDomainPrepareChardevSource(virDomainDefPtr def, } =20 =20 +/* qemuProcessPrepareDiskSourceTLS: + * @source: pointer to host interface data for disk device + * @diskAlias: alias use for the disk device + * @cfg: driver configuration + * + * Updates host interface TLS encryption setting based on qemu.conf + * for disk devices. This will be presented as "tls=3D'yes|no'" in + * live XML of a guest. + * + * Returns 0 on success, -1 on bad config/failure + */ +int +qemuDomainPrepareDiskSourceTLS(virStorageSourcePtr src, + const char *diskAlias, + virQEMUDriverConfigPtr cfg) +{ + + /* VxHS doesn't utilize a password protected server certificate, + * so no need to add a secinfo for a secret UUID. */ + if (src->type =3D=3D VIR_STORAGE_TYPE_NETWORK && + src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_VXHS) { + + if (src->haveTLS =3D=3D VIR_TRISTATE_BOOL_ABSENT) { + if (cfg->vxhsTLS) + src->haveTLS =3D VIR_TRISTATE_BOOL_YES; + else + src->haveTLS =3D VIR_TRISTATE_BOOL_NO; + src->tlsFromConfig =3D true; + } + + if (src->haveTLS =3D=3D VIR_TRISTATE_BOOL_YES) { + if (!diskAlias) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("disk does not have an alias")); + return -1; + } + + if (!(src->tlsAlias =3D qemuAliasTLSObjFromSrcAlias(diskAlias)= )) + return -1; + } + } + + return 0; +} + + +/* qemuProcessPrepareDiskSource: + * @def: live domain definition + * @driver: qemu driver + * + * Iterate through all disk devices to setup/check any that would be + * using TLS. + * + * Returns 0 on success, -1 on failure + */ +int +qemuDomainPrepareDiskSource(virDomainDefPtr def, + virQEMUDriverConfigPtr cfg) +{ + size_t i; + + for (i =3D 0; i < def->ndisks; i++) { + if (qemuDomainPrepareDiskSourceTLS(def->disks[i]->src, + def->disks[i]->info.alias, + cfg) < 0) + return -1; + } + + return 0; +} + =20 int qemuDomainPrepareShmemChardev(virDomainShmemDefPtr shmem) diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index b291dc308..93db23c2b 100644 
--- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -864,6 +864,17 @@ void qemuDomainPrepareChardevSource(virDomainDefPtr de= f, virQEMUDriverConfigPtr cfg) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2); =20 +int +qemuDomainPrepareDiskSourceTLS(virStorageSourcePtr src, + const char *diskAlias, + virQEMUDriverConfigPtr cfg) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(3); + +int +qemuDomainPrepareDiskSource(virDomainDefPtr def, + virQEMUDriverConfigPtr cfg) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2); + int qemuDomainPrepareShmemChardev(virDomainShmemDefPtr shmem) ATTRIBUTE_NONNULL(1); =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 099a770e9..f0691ece6 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -5351,6 +5351,10 @@ qemuProcessPrepareDomain(virConnectPtr conn, if (qemuDomainMasterKeyCreate(vm) < 0) goto cleanup; =20 + VIR_DEBUG("Prepare disk source backends for TLS"); + if (qemuDomainPrepareDiskSource(vm->def, cfg) < 0) + goto cleanup; + VIR_DEBUG("Prepare chardev source backends for TLS"); qemuDomainPrepareChardevSource(vm->def, cfg); =20 diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index 35f468e35..9cd648d36 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -2054,7 +2054,8 @@ virStorageSourceCopy(const virStorageSource *src, VIR_STRDUP(ret->configFile, src->configFile) < 0 || VIR_STRDUP(ret->nodeformat, src->nodeformat) < 0 || VIR_STRDUP(ret->nodestorage, src->nodestorage) < 0 || - VIR_STRDUP(ret->compat, src->compat) < 0) + VIR_STRDUP(ret->compat, src->compat) < 0 || + VIR_STRDUP(ret->tlsAlias, src->tlsAlias) < 0) goto error; =20 if (src->nhosts) { @@ -2279,6 +2280,8 @@ virStorageSourceClear(virStorageSourcePtr def) =20 virStorageSourceBackingStoreClear(def); =20 + VIR_FREE(def->tlsAlias); + memset(def, 0, sizeof(*def)); } =20 diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h index 4817090fc..eadbcc190 100644 --- a/src/util/virstoragefile.h 
+++ b/src/util/virstoragefile.h 
@@ -288,6 +288,12 @@ struct _virStorageSource { /* Indication whether the haveTLS value was altered due to qemu.conf * setting when haveTLS is missing from the domain config file */ bool tlsFromConfig; + + /* If TLS is used, then mgmt of the TLS credentials occurs via an + * object that is generated using a specific alias. That alias must + * be used when generating the disk object in order to link the + * two together. */ + char *tlsAlias; }; =20 =20 --=20 2.13.5
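Review bot: In qemuDomainPrepareDiskSourceTLS (qemu_domain.c, @@ -7550), src->tlsAlias is assigned from qemuAliasTLSObjFromSrcAlias() without releasing any value already stored there, so a source that reaches this function with an alias already set leaks the old string; a VIR_FREE(src->tlsAlias) before the assignment would match what patch 10 does in virStorageSourceParseBackingJSONVxHS. The two comment headers in the same hunk also need updating: they are titled qemuProcessPrepareDiskSourceTLS and qemuProcessPrepareDiskSource while the functions are named qemuDomainPrepare*, the first documents @source although the parameter is src, and the second documents @driver although the parameter is cfg.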
From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 08:51:55 -0400
Message-Id: <20170914125156.1607-11-jferlan@redhat.com>
In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com>
References: <20170914125156.1607-1-jferlan@redhat.com>
Subject: [libvirt] [PATCH v8 10/11] util: Add virstoragetest to parse/format a tls='yes'
From: Ashish Mittal Add a test case to verify TLS arguments are parsed correctly for a VxHS disk. This includes saving off a found tls-creds into the storage source @tlsAlias field since that's what's used to link the TLS object for the authentication credentials and the disk. Test case verifies that XML is generated correctly for a VxHS disk having TLS enabled. Signed-off-by: Ashish Mittal Signed-off-by: John Ferlan --- src/util/virstoragefile.c | 9 +++++++++ tests/virstoragetest.c | 12 ++++++++++++ 2 files changed, 21 insertions(+) diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index 9cd648d36..1fcd7a028 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -3225,6 +3225,7 @@ virStorageSourceParseBackingJSONVxHS(virStorageSource= Ptr src, { const char *vdisk_id =3D virJSONValueObjectGetString(json, "vdisk-id"); virJSONValuePtr server =3D virJSONValueObjectGetObject(json, "server"); + const char *haveTLS =3D virJSONValueObjectGetString(json, "tls-creds"); =20 if (!vdisk_id || !server) { virReportError(VIR_ERR_INVALID_ARG, "%s", @@ -3243,6 +3244,14 @@ virStorageSourceParseBackingJSONVxHS(virStorageSourc= ePtr src, return -1; src->nhosts =3D 1; =20 + if (haveTLS) { + VIR_FREE(src->tlsAlias); + if (VIR_STRDUP(src->tlsAlias, haveTLS) < 0) + return -1; + + src->haveTLS =3D VIR_TRISTATE_BOOL_YES; + } + if (virStorageSourceParseBackingJSONInetSocketAddress(src->hosts, server) < 0) return -1; diff --git a/tests/virstoragetest.c b/tests/virstoragetest.c index ffebd4dc1..75ad6330b 100644 --- a/tests/virstoragetest.c +++ b/tests/virstoragetest.c 
@@ -1603,6 +1603,18 @@ mymain(void) "\n" " \n" "\n"); + TEST_BACKING_PARSE("json:{\"file\":{\"driver\":\"vxhs\"," + "\"vdisk-id\":\"c6718f6b-0401-441d-= a8c3-1f0064d75ee0\"," + "\"server\": { \"type\":\"tcp\"," + "\"host\":\"example.= com\"," + "\"port\":\"9999\"" + "}," + "\"tls-creds\":\"objvirtio-disk0_tl= s0\"" + "}" + "}", + "\n" + " \n" + "\n"); #endif /* WITH_YAJL */ =20 cleanup: --=20 2.13.5
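Review bot: In virStorageSourceParseBackingJSONVxHS (virstoragefile.c, @@ -3225), the new local named haveTLS holds the tls-creds object alias string, not a yes/no state, which is confusing next to src->haveTLS in the @@ -3243 block where it is copied into src->tlsAlias. Naming it tlsCreds or tlsAlias would make "if (haveTLS)" and the VIR_STRDUP that follows read as what they are, a test for and copy of the credentials object id.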
From: John Ferlan
To: libvir-list@redhat.com
Date: Thu, 14 Sep 2017 08:51:56 -0400
Message-Id: <20170914125156.1607-12-jferlan@redhat.com>
In-Reply-To: <20170914125156.1607-1-jferlan@redhat.com>
References: <20170914125156.1607-1-jferlan@redhat.com>
Subject: [libvirt] [PATCH v8 11/11] qemu: Add TLS support for Veritas HyperScale (VxHS)
From: Ashish Mittal

Alter qemu command line generation in order to possibly add TLS for a suitably configured domain.

Sample TLS args generated by libvirt -

    -object tls-creds-x509,id=objvirtio-disk0_tls0,dir=/etc/pki/qemu,\
    endpoint=client,verify-peer=yes \
    -drive file.driver=vxhs,file.tls-creds=objvirtio-disk0_tls0,\
    file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,\
    file.server.type=tcp,file.server.host=192.168.0.1,\
    file.server.port=9999,format=raw,if=none,\
    id=drive-virtio-disk0,cache=none \
    -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
    id=virtio-disk0

Update the qemuxml2argvtest with a couple of examples. One for a simple case and the other a bit more complex where multiple VxHS disks are added where at least one uses a VxHS that doesn't require TLS credentials and thus sets the domain disk source attribute "tls = 'no'".

Update the hotplug to be able to handle processing the tlsAlias whether it's to add the TLS object when hotplugging a disk or to remove the TLS object when hot unplugging a disk. The hot plug/unplug code is largely generic, but the addition code does make the VXHS specific checks only because it needs to grab the correct config directory and generate the object as the command line would do.

Signed-off-by: Ashish Mittal
Signed-off-by: John Ferlan --- src/qemu/qemu_block.c | 8 +++ src/qemu/qemu_command.c | 29 +++++++++ src/qemu/qemu_hotplug.c | 73 ++++++++++++++++++= ++++ ...-disk-drive-network-tlsx509-multidisk-vxhs.args | 43 +++++++++++++ ...v-disk-drive-network-tlsx509-multidisk-vxhs.xml | 50 +++++++++++++++ ...muxml2argv-disk-drive-network-tlsx509-vxhs.args | 30 +++++++++ tests/qemuxml2argvtest.c | 7 +++ 7 files changed, 240 insertions(+) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-= tlsx509-multidisk-vxhs.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-= tlsx509-multidisk-vxhs.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-= tlsx509-vxhs.args diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index ca6e213b4..458b90d8e 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -529,16 +529,24 @@ qemuBlockStorageSourceGetVxHSProps(virStorageSourcePt= r src) return NULL; } =20 + if (src->haveTLS =3D=3D VIR_TRISTATE_BOOL_YES && !src->tlsAlias) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("VxHS disk does not have TLS alias set")); + return NULL; + } + if (!(server =3D qemuBlockStorageSourceBuildJSONSocketAddress(src->hos= ts, true))) return NULL; =20 /* VxHS disk specification example: * { driver:"vxhs", + * [tls-creds:"objvirtio-disk0_tls0",] * vdisk-id:"eb90327c-8302-4725-4e85ed4dc251", * server:[{type:"tcp", host:"1.2.3.4", port:9999}]} */ if (virJSONValueObjectCreate(&ret, "s:driver", protocol, + "S:tls-creds", src->tlsAlias, "s:vdisk-id", src->path, "a:server", server, NULL) < 0) virJSONValueFree(server); diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 0a3278510..7b98e1947 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c 
@@ -794,6 +794,32 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd, } =20 =20 +/* qemuBuildDiskTLSx509CommandLine: + * + * Add TLS object if the disk uses a secure communication channel + * + * Returns 0 on success, -1 w/ error on some sort of failure. + */ +static int +qemuBuildDiskTLSx509CommandLine(virCommandPtr cmd, + virQEMUDriverConfigPtr cfg, + virDomainDiskDefPtr disk, + virQEMUCapsPtr qemuCaps) +{ + virStorageSourcePtr src =3D disk->src; + + /* other protocols may be added later */ + if (src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_VXHS && + disk->src->haveTLS =3D=3D VIR_TRISTATE_BOOL_YES) { + return qemuBuildTLSx509CommandLine(cmd, cfg->vxhsTLSx509certdir, + false, true, false, + disk->info.alias, qemuCaps); + } + + return 0; +} + + static char * qemuBuildNetworkDriveURI(virStorageSourcePtr src, qemuDomainSecretInfoPtr secinfo) @@ -2221,6 +2247,9 @@ qemuBuildDiskDriveCommandLine(virCommandPtr cmd, if (qemuBuildDiskSecinfoCommandLine(cmd, encinfo) < 0) return -1; =20 + if (qemuBuildDiskTLSx509CommandLine(cmd, cfg, disk, qemuCaps) < 0) + return -1; + virCommandAddArg(cmd, "-drive"); =20 if (!(optstr =3D qemuBuildDriveStr(disk, cfg, driveBoot, qemuCaps)= )) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index b365078ec..e4174af35 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c 
@@ -152,6 +152,55 @@ qemuDomainPrepareDisk(virQEMUDriverPtr driver, =20 =20 static int +qemuDomainAddDiskTLSObject(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virDomainDiskDefPtr disk, + char **tlsAlias) +{ + int ret =3D -1; + virQEMUDriverConfigPtr cfg =3D virQEMUDriverGetConfig(driver); + qemuDomainObjPrivatePtr priv =3D vm->privateData; + virStorageSourcePtr src =3D disk->src; + virJSONValuePtr tlsProps =3D NULL; + + /* NB: This may alter haveTLS based on cfg */ + qemuDomainPrepareDiskSourceTLS(src, disk->info.alias, cfg); + + if (src->haveTLS !=3D VIR_TRISTATE_BOOL_YES) { + ret =3D 0; + goto cleanup; + } + + /* Initial implementation doesn't require/use a secret to decrypt + * a server certificate, so there's no need to manage a tlsSecAlias + * and tlsSecProps. See qemuDomainAddChardevTLSObjects for the + * methodology required to add a secret object. */ + + /* For a VxHS environment, create a TLS object for the client to + * connect to the VxHS server. */ + if (src->type =3D=3D VIR_STORAGE_TYPE_NETWORK && + src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_VXHS && + qemuDomainGetTLSObjects(priv->qemuCaps, NULL, + cfg->vxhsTLSx509certdir, false, true, + disk->info.alias, &tlsProps, tlsAlias, + NULL, NULL) < 0) + goto cleanup; + + if (qemuDomainAddTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE, + NULL, NULL, *tlsAlias, &tlsProps) < 0) + goto cleanup; + + ret =3D 0; + + cleanup: + virJSONValueFree(tlsProps); + virObjectUnref(cfg); + + return ret; +} + + +static int qemuHotplugWaitForTrayEject(virQEMUDriverPtr driver, virDomainObjPtr vm, virDomainDiskDefPtr disk, @@ -315,6 +364,7 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, char *devstr =3D NULL; char *drivestr =3D NULL; char *drivealias =3D NULL; + char *tlsAlias =3D NULL; bool releaseaddr =3D false; bool driveAdded =3D false; bool secobjAdded =3D false; 
@@ -372,6 +422,9 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, if (encinfo && qemuBuildSecretInfoProps(encinfo, &encobjProps) < 0) goto error; =20 + if (qemuDomainAddDiskTLSObject(driver, vm, disk, &tlsAlias) < 0) + goto error; + if (!(drivestr =3D qemuBuildDriveStr(disk, cfg, false, priv->qemuCaps)= )) goto error; =20 @@ -422,6 +475,7 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, ret =3D 0; =20 cleanup: + VIR_FREE(tlsAlias); virJSONValueFree(secobjProps); virJSONValueFree(encobjProps); qemuDomainSecretDiskDestroy(disk); @@ -453,6 +507,8 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, virDomainAuditDisk(vm, NULL, disk->src, "attach", false); =20 error: + qemuDomainDelTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE, NULL, tlsAlia= s); + if (releaseaddr) qemuDomainReleaseDeviceAddress(vm, &disk->info, src); =20 @@ -611,6 +667,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn, virErrorPtr orig_err; char *drivestr =3D NULL; char *devstr =3D NULL; + char *tlsAlias =3D NULL; bool driveAdded =3D false; bool encobjAdded =3D false; bool secobjAdded =3D false; @@ -667,6 +724,9 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn, if (!(devstr =3D qemuBuildDriveDevStr(vm->def, disk, 0, priv->qemuCaps= ))) goto error; =20 + if (qemuDomainAddDiskTLSObject(driver, vm, disk, &tlsAlias) < 0) + goto error; + if (!(drivestr =3D qemuBuildDriveStr(disk, cfg, false, priv->qemuCaps)= )) goto error; =20 @@ -712,6 +772,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn, ret =3D 0; =20 cleanup: + VIR_FREE(tlsAlias); virJSONValueFree(secobjProps); virJSONValueFree(encobjProps); qemuDomainSecretDiskDestroy(disk); @@ -740,6 +801,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn, virDomainAuditDisk(vm, NULL, disk->src, "attach", false); =20 error: + qemuDomainDelTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE, NULL, tlsAlia= s); + ignore_value(qemuDomainPrepareDisk(driver, vm, disk, NULL, true)); goto cleanup; } 
@@ -756,6 +819,7 @@ qemuDomainAttachUSBMassStorageDevice(virQEMUDriverPtr d= river, char *drivealias =3D NULL; char *drivestr =3D NULL; char *devstr =3D NULL; + char *tlsAlias =3D NULL; bool driveAdded =3D false; virQEMUDriverConfigPtr cfg =3D virQEMUDriverGetConfig(driver); const char *src =3D virDomainDiskGetSource(disk); @@ -780,6 +844,9 @@ qemuDomainAttachUSBMassStorageDevice(virQEMUDriverPtr d= river, if (qemuAssignDeviceDiskAlias(vm->def, disk, priv->qemuCaps) < 0) goto error; =20 + if (qemuDomainAddDiskTLSObject(driver, vm, disk, &tlsAlias) < 0) + goto error; + if (!(drivestr =3D qemuBuildDriveStr(disk, cfg, false, priv->qemuCaps)= )) goto error; =20 @@ -810,6 +877,7 @@ qemuDomainAttachUSBMassStorageDevice(virQEMUDriverPtr d= river, ret =3D 0; =20 cleanup: + VIR_FREE(tlsAlias); if (ret < 0 && releaseaddr) virDomainUSBAddressRelease(priv->usbaddrs, &disk->info); VIR_FREE(devstr); @@ -833,6 +901,8 @@ qemuDomainAttachUSBMassStorageDevice(virQEMUDriverPtr d= river, virDomainAuditDisk(vm, NULL, disk->src, "attach", false); =20 error: + qemuDomainDelTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE, NULL, tlsAlia= s); + ignore_value(qemuDomainPrepareDisk(driver, vm, disk, NULL, true)); goto cleanup; } @@ -3710,6 +3780,9 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver, ignore_value(qemuMonitorDelObject(priv->mon, encAlias)); VIR_FREE(encAlias); =20 + if (disk->src->tlsAlias) + ignore_value(qemuMonitorDelObject(priv->mon, disk->src->tlsAlias)); + if (qemuDomainObjExitMonitor(driver, vm) < 0) return -1; =20 diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509= -multidisk-vxhs.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-netwo= rk-tlsx509-multidisk-vxhs.args new file mode 100644 index 000000000..572c9f36c --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multid= isk-vxhs.args 
@@ -0,0 +1,43 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/home/test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-x86_64 \ +-name QEMUGuest1 \ +-S \ +-M pc \ +-cpu qemu32 \ +-m 214 \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-nographic \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,path=3D/tmp/lib/domain--1-QEMUGuest1/moni= tor.sock,\ +server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dreadline \ +-no-acpi \ +-boot c \ +-usb \ +-object tls-creds-x509,id=3Dobjvirtio-disk0_tls0,dir=3D/etc/pki/qemu,\ +endpoint=3Dclient,verify-peer=3Dyes \ +-drive file.driver=3Dvxhs,file.tls-creds=3Dobjvirtio-disk0_tls0,\ +file.vdisk-id=3Deb90327c-8302-4725-9e1b-4e85ed4dc251,file.server.type=3Dtc= p,\ +file.server.host=3D192.168.0.1,file.server.port=3D9999,format=3Draw,if=3Dn= one,\ +id=3Ddrive-virtio-disk0,cache=3Dnone \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x4,drive=3Ddrive-virtio-disk0,\ +id=3Dvirtio-disk0 \ +-object tls-creds-x509,id=3Dobjvirtio-disk1_tls0,dir=3D/etc/pki/qemu,\ +endpoint=3Dclient,verify-peer=3Dyes \ +-drive file.driver=3Dvxhs,file.tls-creds=3Dobjvirtio-disk1_tls0,\ +file.vdisk-id=3Deb90327c-8302-4725-9e1b-4e85ed4dc252,file.server.type=3Dtc= p,\ +file.server.host=3D192.168.0.2,file.server.port=3D9999,format=3Draw,if=3Dn= one,\ +id=3Ddrive-virtio-disk1,cache=3Dnone \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x5,drive=3Ddrive-virtio-disk1,\ +id=3Dvirtio-disk1 \ +-drive file.driver=3Dvxhs,file.vdisk-id=3Deb90327c-8302-4725-9e1b-4e85ed4d= c253,\ +file.server.type=3Dtcp,file.server.host=3D192.168.0.3,file.server.port=3D9= 999,\ +format=3Draw,if=3Dnone,id=3Ddrive-virtio-disk2,cache=3Dnone \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x6,drive=3Ddrive-virtio-disk2,\ +id=3Dvirtio-disk2 
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509= -multidisk-vxhs.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-networ= k-tlsx509-multidisk-vxhs.xml new file mode 100644 index 000000000..a66e81f06 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multid= isk-vxhs.xml @@ -0,0 +1,50 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219136 + 219136 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + eb90327c-8302-4725-9e1b-4e85ed4dc251 +
+ + + + + + + + eb90327c-8302-4725-9e1b-4e85ed4dc252 +
+ + + + + + + + eb90327c-8302-4725-9e1b-4e85ed4dc252 +
+ + + + + + + + diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509= -vxhs.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509= -vxhs.args new file mode 100644 index 000000000..aaf88635b --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-vxhs.a= rgs @@ -0,0 +1,30 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/home/test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-x86_64 \ +-name QEMUGuest1 \ +-S \ +-M pc \ +-cpu qemu32 \ +-m 214 \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-nographic \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,path=3D/tmp/lib/domain--1-QEMUGuest1/moni= tor.sock,\ +server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dreadline \ +-no-acpi \ +-boot c \ +-usb \ +-object tls-creds-x509,id=3Dobjvirtio-disk0_tls0,dir=3D/etc/pki/qemu,\ +endpoint=3Dclient,verify-peer=3Dyes \ +-drive file.driver=3Dvxhs,file.tls-creds=3Dobjvirtio-disk0_tls0,\ +file.vdisk-id=3Deb90327c-8302-4725-9e1b-4e85ed4dc251,file.server.type=3Dtc= p,\ +file.server.host=3D192.168.0.1,file.server.port=3D9999,format=3Draw,if=3Dn= one,\ +id=3Ddrive-virtio-disk0,cache=3Dnone \ +-device virtio-blk-pci,bus=3Dpci.0,addr=3D0x4,drive=3Ddrive-virtio-disk0,\ +id=3Dvirtio-disk0 diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 01a518eff..5cdc1a726 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c 
@@ -932,6 +932,13 @@ mymain(void) DO_TEST("disk-drive-network-rbd-ipv6", NONE); DO_TEST_FAILURE("disk-drive-network-rbd-no-colon", NONE); DO_TEST("disk-drive-network-vxhs", QEMU_CAPS_VXHS); + driver.config->vxhsTLS =3D 1; + DO_TEST("disk-drive-network-tlsx509-vxhs", QEMU_CAPS_VXHS, + QEMU_CAPS_OBJECT_TLS_CREDS_X509); + DO_TEST("disk-drive-network-tlsx509-multidisk-vxhs", QEMU_CAPS_VXHS, + QEMU_CAPS_OBJECT_TLS_CREDS_X509); + driver.config->vxhsTLS =3D 0; + VIR_FREE(driver.config->vxhsTLSx509certdir); DO_TEST("disk-drive-no-boot", QEMU_CAPS_BOOTINDEX); DO_TEST_PARSE_ERROR("disk-device-lun-type-invalid", --=20 2.13.5
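Review bot: The return value of qemuDomainPrepareDiskSourceTLS() is ignored at the top of qemuDomainAddDiskTLSObject (qemu_hotplug.c, @@ -152), yet patch 09 has that function return -1 when the disk has no alias or the TLS alias cannot be generated, so a hotplug can carry on with src->haveTLS set to yes and src->tlsAlias still NULL. Check it and bail out, for example: if (qemuDomainPrepareDiskSourceTLS(src, disk->info.alias, cfg) < 0) goto cleanup;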
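Review bot: qemuBuildDiskTLSx509CommandLine (qemu_command.c, @@ -794) tests src->protocol without first checking src->type == VIR_STORAGE_TYPE_NETWORK, unlike qemuDomainPrepareDiskSourceTLS and qemuDomainAddDiskTLSObject, and it reads src->protocol and disk->src->haveTLS from the same object through two different expressions. Use the same type-and-protocol test in all three places (a small helper would do) and refer to src consistently. A short comment on the bare "false, true, false" arguments to qemuBuildTLSx509CommandLine would also help the reader confirm that they produce the endpoint=client,verify-peer=yes seen in the expected .args files.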
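Review bot: The qemuxml2argvtest.c hunk at @@ -932 frees driver.config->vxhsTLSx509certdir after the two new tests although nothing in the hunk assigns it, so the tests depend on whatever value the driver config already carries (the .args files expect dir=/etc/pki/qemu) and every later test runs with the directory set to NULL. Either set the directory explicitly before the DO_TEST calls so the VIR_FREE has a matching allocation, or drop the VIR_FREE.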