From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:40:57 +0200
Message-Id: <77e56566e2f62d4fc2b7a4cca512771bf715ea05.1527683835.git.pkrempa@redhat.com>
Subject: [libvirt] [PATCH 01/38] qemu: domain: Add helper to check if encrypted secrets can be used with a VM

This helper checks that the vm has the master key setup and libvirt supports the given encryption algorithm.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain.c | 19 +++++++++++++++++-- src/qemu/qemu_domain.h | 2 ++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 2c51e4c0d8..708d562e82 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -1292,6 +1292,22 @@ qemuDomainSecretAESSetup(qemuDomainObjPrivatePtr pri= v, } +/** + * qemuDomainSupportsEncryptedSecret: + * @priv: qemu domain private data + * + * Returns true if libvirt can use encrypted 'secret' objects with VM which + * @priv belongs to. + */ +bool +qemuDomainSupportsEncryptedSecret(qemuDomainObjPrivatePtr priv) +{ + return virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC) && + virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) && + priv->masterKey; +} + + /* qemuDomainSecretSetup: * @priv: pointer to domain private object * @secinfo: Pointer to secret info @@ -1320,8 +1336,7 @@ qemuDomainSecretSetup(qemuDomainObjPrivatePtr priv, bool iscsiHasPS =3D virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_ISCSI_PASSWORD_SECRET); - if (virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC) && - virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) && + if (qemuDomainSupportsEncryptedSecret(priv) && (usageType =3D=3D VIR_SECRET_USAGE_TYPE_CEPH || (usageType =3D=3D VIR_SECRET_USAGE_TYPE_ISCSI && iscsiHasPS) || usageType =3D=3D VIR_SECRET_USAGE_TYPE_VOLUME || diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 2e0f4df0fb..f7405e0c6c 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h 
@@ -831,6 +831,8 @@ int qemuDomainMasterKeyCreate(virDomainObjPtr vm); void qemuDomainMasterKeyRemove(qemuDomainObjPrivatePtr priv); +bool qemuDomainSupportsEncryptedSecret(qemuDomainObjPrivatePtr priv); + void qemuDomainSecretInfoFree(qemuDomainSecretInfoPtr *secinfo) ATTRIBUTE_NONNULL(1); --=20 2.16.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
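Review bot: In [PATCH 01/38], the second qemu_domain.c hunk (the condition in qemuDomainSecretSetup) is not a pure refactor: the two removed conditions were virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC) and virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET), while qemuDomainSupportsEncryptedSecret() additionally requires priv->masterKey. With no master key the code now takes the else branch and calls qemuDomainSecretPlainSetup instead of qemuDomainSecretAESSetup. Please say so in the commit message and state why the plain fallback is the intended result for a domain without a master key, rather than an error.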
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:40:58 +0200
Subject: [libvirt] [PATCH 02/38] qemu: domain: Reuse code when preparing hostdev auth secrets

Use qemuDomainSecretStorageSourcePrepare in qemuDomainSecretHostdevPrepare as it uses a virStorageSource to prepare the authentication secret object data.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain.c | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 708d562e82..8a93223633 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -1600,22 +1600,11 @@ qemuDomainSecretHostdevPrepare(qemuDomainObjPrivate= Ptr priv, virDomainHostdevSubsysSCSIPtr scsisrc =3D &hostdev->source.subsys.= u.scsi; virDomainHostdevSubsysSCSIiSCSIPtr iscsisrc =3D &scsisrc->u.iscsi; virStorageSourcePtr src =3D iscsisrc->src; - qemuDomainStorageSourcePrivatePtr srcPriv; if (scsisrc->protocol =3D=3D VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE= _ISCSI && src->auth) { - - if (!(src->privateData =3D qemuDomainStorageSourcePrivateNew()= )) - return -1; - - srcPriv =3D QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src); - - if (!(srcPriv->secinfo =3D - qemuDomainSecretInfoNew(priv, hostdev->info->alias, - VIR_SECRET_USAGE_TYPE_ISCSI, - src->auth->username, - &src->auth->seclookupdef, - false))) + if (qemuDomainSecretStorageSourcePrepare(priv, src, + hostdev->info->alias,= NULL) < 0) return -1; } } --=20 2.16.2
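Review bot: In [PATCH 02/38], the removed block in qemuDomainSecretHostdevPrepare passed VIR_SECRET_USAGE_TYPE_ISCSI explicitly and always allocated src->privateData once src->auth was set; the added call leaves both decisions to qemuDomainSecretStorageSourcePrepare. Going by the lines of that helper visible elsewhere in this series, it only proceeds when its own hasAuth or hasEnc check on src passes and otherwise takes the early "if (!hasAuth && !hasEnc)" exit, so a hostdev source that fails the check would now end up with no secinfo. Please confirm in the commit message that the iSCSI hostdev virStorageSource always passes that check and that the helper selects the iSCSI usage type for it.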
smtp.corp.redhat.com (Postfix) with ESMTPS id 20CB018122; Wed, 30 May 2018 12:42:26 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id BD2EC180BA82; Wed, 30 May 2018 12:42:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w4UCfnv0027459 for ; Wed, 30 May 2018 08:41:49 -0400 Received: by smtp.corp.redhat.com (Postfix) id 20727217B40A; Wed, 30 May 2018 12:41:49 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id B9282217B409 for ; Wed, 30 May 2018 12:41:48 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Wed, 30 May 2018 14:40:59 +0200 Message-Id: In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 03/38] qemu: domain: Rename qemuDomainSecretDiskCapable X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Wed, 30 May 2018 12:42:27 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The function checks whether the storage source requires authentication secret setup. Rename it accordingly. 
Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain.c | 4 ++-- src/qemu/qemu_domain.h | 2 +- src/qemu/qemu_hotplug.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 8a93223633..b454edd0e4 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1459,7 +1459,7 @@ qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk) bool -qemuDomainSecretDiskCapable(virStorageSourcePtr src) +qemuDomainStorageSourceHasAuth(virStorageSourcePtr src) { if (!virStorageSourceIsEmpty(src) && virStorageSourceGetActualType(src) =3D=3D VIR_STORAGE_TYPE_NETWORK= && @@ -1505,7 +1505,7 @@ qemuDomainSecretStorageSourcePrepare(qemuDomainObjPri= vatePtr priv, const char *encalias) { qemuDomainStorageSourcePrivatePtr srcPriv; - bool hasAuth =3D qemuDomainSecretDiskCapable(src); + bool hasAuth =3D qemuDomainStorageSourceHasAuth(src); bool hasEnc =3D qemuDomainDiskHasEncryptionSecret(src); if (!hasAuth && !hasEnc) diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index f7405e0c6c..f76404e1ac 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -839,7 +839,7 @@ void qemuDomainSecretInfoFree(qemuDomainSecretInfoPtr *= secinfo) void qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk) ATTRIBUTE_NONNULL(1); -bool qemuDomainSecretDiskCapable(virStorageSourcePtr src) +bool qemuDomainStorageSourceHasAuth(virStorageSourcePtr src) ATTRIBUTE_NONNULL(1); bool qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index b4bbe62c75..2899f49fff 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c 
@@ -3854,7 +3854,7 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver, * been removed during cleanup of qemuProcessLaunch. Likewise, libvirtd * restart wouldn't have them, so no assumption can be made. */ if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) && - qemuDomainSecretDiskCapable(disk->src)) { + qemuDomainStorageSourceHasAuth(disk->src)) { if (!(objAlias =3D qemuDomainGetSecretAESAlias(disk->info.alias, false))) { 
@@ -4109,7 +4109,7 @@ qemuDomainRemoveHostDevice(virQEMUDriverPtr driver, * attempt to remove the object as well. */ if (scsisrc->protocol =3D=3D VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE= _ISCSI && virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_ISCSI_PASSWORD_SECRET= ) && - qemuDomainSecretDiskCapable(iscsisrc->src)) { + qemuDomainStorageSourceHasAuth(iscsisrc->src)) { if (!(objAlias =3D qemuDomainGetSecretAESAlias(hostdev->info->= alias, false))) goto cleanup; } --=20 2.16.2
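Review bot: In [PATCH 03/38], the renamed definition in qemu_domain.c (hunk at -1459) still has no doc comment; the only leading context shown before the return type is blank. The commit message already states what the function checks, so put that sentence in a comment above qemuDomainStorageSourceHasAuth in this patch, so that the new name and its documented contract land together.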
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:41:00 +0200
Subject: [libvirt] [PATCH 04/38] qemu: domain: Rename and fix docs for qemuDomainSecretInfoNew

Rename it to qemuDomainSecretInfoNewPlain and annotate that it also may set up a 'plain' secret in some cases. This will eventually be refactored further.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index b454edd0e4..cda3d00f75 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -1354,7 +1354,7 @@ qemuDomainSecretSetup(qemuDomainObjPrivatePtr priv, } -/* qemuDomainSecretInfoNew: +/* qemuDomainSecretInfoNewPlain: * @priv: pointer to domain private object * @srcAlias: Alias base to use for TLS object * @usageType: Secret usage type @@ -1362,18 +1362,19 @@ qemuDomainSecretSetup(qemuDomainObjPrivatePtr priv, * @looupdef: lookup def describing secret * @isLuks: boolean for luks lookup * - * Helper function to create a secinfo to be used for secinfo consumers + * Helper function to create a secinfo to be used for secinfo consumers. T= his + * possibly sets up a 'plain' (unencrypted) secret for legacy consumers. * * Returns @secinfo on success, NULL on failure. Caller is responsible * to eventually free @secinfo. */ static qemuDomainSecretInfoPtr -qemuDomainSecretInfoNew(qemuDomainObjPrivatePtr priv, - const char *srcAlias, - virSecretUsageType usageType, - const char *username, - virSecretLookupTypeDefPtr lookupDef, - bool isLuks) +qemuDomainSecretInfoNewPlain(qemuDomainObjPrivatePtr priv, + const char *srcAlias, + virSecretUsageType usageType, + const char *username, + virSecretLookupTypeDefPtr lookupDef, + bool isLuks) { qemuDomainSecretInfoPtr secinfo =3D NULL; @@ -1424,9 +1425,9 @@ qemuDomainSecretInfoTLSNew(qemuDomainObjPrivatePtr pr= iv, } seclookupdef.type =3D VIR_SECRET_LOOKUP_TYPE_UUID; - return qemuDomainSecretInfoNew(priv, srcAlias, - VIR_SECRET_USAGE_TYPE_TLS, NULL, - &seclookupdef, false); + return qemuDomainSecretInfoNewPlain(priv, srcAlias, + VIR_SECRET_USAGE_TYPE_TLS, NULL, + &seclookupdef, false); } 
@@ -1523,18 +1524,18 @@ qemuDomainSecretStorageSourcePrepare(qemuDomainObjP= rivatePtr priv, usageType =3D VIR_SECRET_USAGE_TYPE_CEPH; if (!(srcPriv->secinfo =3D - qemuDomainSecretInfoNew(priv, authalias, - usageType, src->auth->username, - &src->auth->seclookupdef, false))) + qemuDomainSecretInfoNewPlain(priv, authalias, + usageType, src->auth->username, + &src->auth->seclookupdef, false= ))) return -1; } if (hasEnc) { if (!(srcPriv->encinfo =3D - qemuDomainSecretInfoNew(priv, encalias, - VIR_SECRET_USAGE_TYPE_VOLUME, NULL, - &src->encryption->secrets[0]->secloo= kupdef, - true))) + qemuDomainSecretInfoNewPlain(priv, encalias, + VIR_SECRET_USAGE_TYPE_VOLUME, N= ULL, + &src->encryption->secrets[0]->s= eclookupdef, + true))) return -1; } --=20 2.16.2
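Review bot: In [PATCH 04/38], the doc comment of qemuDomainSecretInfoNewPlain (hunks at -1354 and -1362) keeps the misspelled tag "@looupdef" although the parameter is lookupDef, and still describes @srcAlias as "Alias base to use for TLS object" even though the storage callers in the last hunk pass authalias and encalias. The subject says this patch fixes the docs, so correct both here rather than carrying them into the later patches of the series.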
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:41:01 +0200
Message-Id: <2fa2faacd5db8ac2ac69e3811ce8ffb445210b71.1527683835.git.pkrempa@redhat.com>
Subject: [libvirt] [PATCH 05/38] qemu: domain: Add new function to set up encrypted secrets only

Some code paths can't use the unencrypted secret. Add a helper which checks and sets up an encrypted secret only and reuse it when setting up the secret to decrypt the TLS private key in qemuDomainSecretInfoTLSNew.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++= --- 1 file changed, 46 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index cda3d00f75..67bf2f6718 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1399,6 +1399,49 @@ qemuDomainSecretInfoNewPlain(qemuDomainObjPrivatePtr= priv, } +/* qemuDomainSecretInfoNew: + * @priv: pointer to domain private object + * @srcAlias: Alias base to use for TLS object + * @usageType: Secret usage type + * @username: username for plain secrets (only) + * @looupdef: lookup def describing secret + * @isLuks: boolean for luks lookup + * + * Helper function to create a secinfo to be used for secinfo consumers. T= his + * possibly sets a encrypted secret object. + * + * Returns @secinfo on success, NULL on failure. Caller is responsible + * to eventually free @secinfo. + */ +static qemuDomainSecretInfoPtr +qemuDomainSecretInfoNew(qemuDomainObjPrivatePtr priv, + const char *srcAlias, + virSecretUsageType usageType, + const char *username, + virSecretLookupTypeDefPtr lookupDef, + bool isLuks) +{ + qemuDomainSecretInfoPtr secinfo =3D NULL; + + if (!qemuDomainSupportsEncryptedSecret(priv)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("encrypted secrets are not supported")); + return NULL; + } + + if (VIR_ALLOC(secinfo) < 0) + return NULL; + + if (qemuDomainSecretAESSetup(priv, secinfo, srcAlias, usageType, usern= ame, + lookupDef, isLuks) < 0) { + qemuDomainSecretInfoFree(&secinfo); + return NULL; + } + + return secinfo; +} + + /** * qemuDomainSecretInfoTLSNew: * @priv: pointer to domain private object 
@@ -1425,9 +1468,9 @@ qemuDomainSecretInfoTLSNew(qemuDomainObjPrivatePtr pr= iv, } seclookupdef.type =3D VIR_SECRET_LOOKUP_TYPE_UUID; - return qemuDomainSecretInfoNewPlain(priv, srcAlias, - VIR_SECRET_USAGE_TYPE_TLS, NULL, - &seclookupdef, false); + return qemuDomainSecretInfoNew(priv, srcAlias, + VIR_SECRET_USAGE_TYPE_TLS, NULL, + &seclookupdef, false); } --=20 2.16.2
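Review bot: In [PATCH 05/38], the doc comment of the new qemuDomainSecretInfoNew (hunk at -1399) was copied from the plain variant and does not match the code below it: @username is documented as "username for plain secrets (only)" yet is passed straight to qemuDomainSecretAESSetup, "@looupdef" repeats the typo for lookupDef, and "This possibly sets a encrypted secret object" should say that the function sets up an encrypted secret or fails, because the qemuDomainSupportsEncryptedSecret check returns NULL otherwise. Please also document that failure case, since callers now receive VIR_ERR_CONFIG_UNSUPPORTED from this function when the cipher, the QEMU capability or the master key is missing.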
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:41:02 +0200
Message-Id: <08cb855f84091bac35c269851789521426abb33f.1527683835.git.pkrempa@redhat.com>
Subject: [libvirt] [PATCH 06/38] qemu: domain: Setup disk encryption password secret via new helper

The encryption secret is setup only for LUKS and thus requires the new approach. Use qemuDomainSecretInfoNew for initializing it.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 67bf2f6718..d9b10ae96d 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -1575,10 +1575,10 @@ qemuDomainSecretStorageSourcePrepare(qemuDomainObjP= rivatePtr priv, if (hasEnc) { if (!(srcPriv->encinfo =3D - qemuDomainSecretInfoNewPlain(priv, encalias, - VIR_SECRET_USAGE_TYPE_VOLUME, N= ULL, - &src->encryption->secrets[0]->s= eclookupdef, - true))) + qemuDomainSecretInfoNew(priv, encalias, + VIR_SECRET_USAGE_TYPE_VOLUME, NULL, + &src->encryption->secrets[0]->secloo= kupdef, + true))) return -1; } --=20 2.16.2
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:41:03 +0200
Message-Id: <5edea5cdf2892de6dd1a00b3920e29fd6916d907.1527683835.git.pkrempa@redhat.com>
Subject: [libvirt] [PATCH 07/38] qemu: domain: Use qemuDomainSecretInfoNewPlain only for unencrypted secrets

Move the logic that determines which secret shall be used into the caller and make this function work only for plain secrets. This untangles the control flow by only checking relevant data.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
--- src/qemu/qemu_domain.c | 94 ++++++++++++----------------------------------= ---- 1 file changed, 22 insertions(+), 72 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index d9b10ae96d..e4588f7428 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -1308,94 +1308,33 @@ qemuDomainSupportsEncryptedSecret(qemuDomainObjPriv= atePtr priv) } -/* qemuDomainSecretSetup: - * @priv: pointer to domain private object - * @secinfo: Pointer to secret info - * @srcalias: Alias of the disk/hostdev used to generate the secret alias - * @usageType: The virSecretUsageType - * @username: username to use for authentication (may be NULL) - * @seclookupdef: Pointer to seclookupdef data - * @isLuks: True when is luks (generates different alias) - * - * If we have the encryption API present and can support a secret object, = then - * build the AES secret; otherwise, build the Plain secret. This is the ma= gic - * decision point for utilizing the AES secrets for an RBD disk. For now i= SCSI - * disks and hostdevs will not be able to utilize this mechanism. - * - * Returns 0 on success, -1 on failure - */ -static int -qemuDomainSecretSetup(qemuDomainObjPrivatePtr priv, - qemuDomainSecretInfoPtr secinfo, - const char *srcalias, - virSecretUsageType usageType, - const char *username, - virSecretLookupTypeDefPtr seclookupdef, - bool isLuks) -{ - bool iscsiHasPS =3D virQEMUCapsGet(priv->qemuCaps, - QEMU_CAPS_ISCSI_PASSWORD_SECRET); - - if (qemuDomainSupportsEncryptedSecret(priv) && - (usageType =3D=3D VIR_SECRET_USAGE_TYPE_CEPH || - (usageType =3D=3D VIR_SECRET_USAGE_TYPE_ISCSI && iscsiHasPS) || - usageType =3D=3D VIR_SECRET_USAGE_TYPE_VOLUME || - usageType =3D=3D VIR_SECRET_USAGE_TYPE_TLS)) { - if (qemuDomainSecretAESSetup(priv, secinfo, srcalias, - usageType, username, - seclookupdef, isLuks) < 0) - return -1; - } else { - if (qemuDomainSecretPlainSetup(secinfo, usageType, - username, seclookupdef) < 0) - return -1; - } - return 0; -} - - /* qemuDomainSecretInfoNewPlain: - * @priv: pointer to domain private object - * @srcAlias: Alias base to use for TLS object * @usageType: Secret usage type * @username: username for plain secrets (only) * @looupdef: lookup def describing secret - * @isLuks: boolean for luks lookup * * Helper 
function to create a secinfo to be used for secinfo consumers. T= his - * possibly sets up a 'plain' (unencrypted) secret for legacy consumers. + * up a 'plain' (unencrypted) secret for legacy consumers. * * Returns @secinfo on success, NULL on failure. Caller is responsible * to eventually free @secinfo. */ static qemuDomainSecretInfoPtr -qemuDomainSecretInfoNewPlain(qemuDomainObjPrivatePtr priv, - const char *srcAlias, - virSecretUsageType usageType, +qemuDomainSecretInfoNewPlain(virSecretUsageType usageType, const char *username, - virSecretLookupTypeDefPtr lookupDef, - bool isLuks) + virSecretLookupTypeDefPtr lookupDef) { qemuDomainSecretInfoPtr secinfo =3D NULL; if (VIR_ALLOC(secinfo) < 0) return NULL; - if (qemuDomainSecretSetup(priv, secinfo, srcAlias, usageType, - username, lookupDef, isLuks) < 0) - goto error; - - if (!username && secinfo->type =3D=3D VIR_DOMAIN_SECRET_INFO_TYPE_PLAI= N) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("encrypted secrets are not supported")); - goto error; + if (qemuDomainSecretPlainSetup(secinfo, usageType, username, lookupDef= ) < 0) { + qemuDomainSecretInfoFree(&secinfo); + return NULL; } return secinfo; - - error: - qemuDomainSecretInfoFree(&secinfo); - return NULL; } @@ -1549,6 +1488,7 @@ qemuDomainSecretStorageSourcePrepare(qemuDomainObjPri= vatePtr priv, const char *encalias) { qemuDomainStorageSourcePrivatePtr srcPriv; + bool iscsiHasPS =3D virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_ISCSI_PAS= SWORD_SECRET); bool hasAuth =3D qemuDomainStorageSourceHasAuth(src); bool hasEnc =3D qemuDomainDiskHasEncryptionSecret(src); 
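Review bot: In the @@ -1308 hunk, the removed block that reported VIR_ERR_CONFIG_UNSUPPORTED ("encrypted secrets are not supported") when no username was given and the result was a plain secret has no replacement, so qemuDomainSecretInfoNewPlain() now builds a plain secret for any caller. The disk encryption caller goes through qemuDomainSecretInfoNew() instead, but that function's body is not part of this patch; please confirm it fails with an equivalent error when qemuDomainSupportsEncryptedSecret() is false, otherwise the diagnostic is lost. The rewritten doc comment also loses its verb: with "possibly sets up" replaced by "up", the sentence reads "This up a 'plain' (unencrypted) secret for legacy consumers" and should read "This sets up ...". The unchanged context line still spells the parameter "@looupdef" although the argument is lookupDef.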
@@ -1566,11 +1506,21 @@ qemuDomainSecretStorageSourcePrepare(qemuDomainObjP= rivatePtr priv, if (src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_RBD) usageType =3D VIR_SECRET_USAGE_TYPE_CEPH; - if (!(srcPriv->secinfo =3D - qemuDomainSecretInfoNewPlain(priv, authalias, - usageType, src->auth->username, - &src->auth->seclookupdef, false= ))) - return -1; + if (!qemuDomainSupportsEncryptedSecret(priv) || + (src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_ISCSI && !iscsi= HasPS)) { + srcPriv->secinfo =3D qemuDomainSecretInfoNewPlain(usageType, + src->auth->use= rname, + &src->auth->se= clookupdef); + } else { + srcPriv->secinfo =3D qemuDomainSecretInfoNew(priv, authalias, + usageType, + src->auth->username, + &src->auth->seclook= updef, + false); + } + + if (!srcPriv->secinfo) + return -1; } if (hasEnc) { --=20 2.16.2
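Review bot: In the @@ -1566 hunk the fallback to a plain secret is keyed on src->protocol, while the removed qemuDomainSecretSetup() keyed it on usageType. The old code chose AES only for the CEPH, ISCSI (with QEMU_CAPS_ISCSI_PASSWORD_SECRET), VOLUME and TLS usage types; the new test sends every source to qemuDomainSecretInfoNew() unless the protocol is VIR_STORAGE_NET_PROTOCOL_ISCSI without the capability. The initial value of usageType is outside the visible context: if a source that is neither RBD nor iSCSI can reach this branch with an ISCSI usage type, it used to get a plain secret on a QEMU lacking the capability and now gets an AES one. Either state in the commit message that the two conditions are equivalent for every protocol that can carry authentication, or keep testing usageType here as before.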
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:41:04 +0200
Message-Id: <5e7f25d05b375fed713eb0b02683e775de3022d8.1527683836.git.pkrempa@redhat.com>
Subject: [libvirt] [PATCH 08/38] qemu: domain: Add helpers for partially clearing qemuDomainSecretInfoPtr

It's desired to keep the alias around to allow referencing of the secret object used with qemu. Add a set of APIs which will destroy all data except the alias.
Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
---
src/qemu/qemu_domain.c | 43 +++++++++++++++++++++++++++++++++++-------- src/qemu/qemu_domain.h | 2 ++ 2 files changed, 37 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index e4588f7428..4318818e85 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -949,38 +949,65 @@ qemuDomainSecretPlainClear(qemuDomainSecretPlain secr= et) static void -qemuDomainSecretAESClear(qemuDomainSecretAES secret) +qemuDomainSecretAESClear(qemuDomainSecretAES secret, + bool keepAlias) { + if (!keepAlias) + VIR_FREE(secret.alias); + VIR_FREE(secret.username); - VIR_FREE(secret.alias); VIR_FREE(secret.iv); VIR_FREE(secret.ciphertext); } -void -qemuDomainSecretInfoFree(qemuDomainSecretInfoPtr *secinfo) +static void +qemuDomainSecretInfoClear(qemuDomainSecretInfoPtr secinfo, + bool keepAlias) { - if (!*secinfo) + if (!secinfo) return; - switch ((qemuDomainSecretInfoType) (*secinfo)->type) { + switch ((qemuDomainSecretInfoType) secinfo->type) { case VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN: - qemuDomainSecretPlainClear((*secinfo)->s.plain); + qemuDomainSecretPlainClear(secinfo->s.plain); break; case VIR_DOMAIN_SECRET_INFO_TYPE_AES: - qemuDomainSecretAESClear((*secinfo)->s.aes); + qemuDomainSecretAESClear(secinfo->s.aes, keepAlias); break; case VIR_DOMAIN_SECRET_INFO_TYPE_LAST: break; } +} + + +void +qemuDomainSecretInfoFree(qemuDomainSecretInfoPtr *secinfo) +{ + if (!*secinfo) + return; + + qemuDomainSecretInfoClear(*secinfo, false); VIR_FREE(*secinfo); } +/** + * qemuDomainSecretInfoDestroy: + * @secinfo: object to destroy + * + * Removes any data unnecessary for further use, but keeps alias allocated. + */ +void +qemuDomainSecretInfoDestroy(qemuDomainSecretInfoPtr secinfo) +{ + qemuDomainSecretInfoClear(secinfo, true); +} + + static virClassPtr qemuDomainDiskPrivateClass; static void qemuDomainDiskPrivateDispose(void *obj);
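Review bot: qemuDomainSecretAESClear() and qemuDomainSecretPlainClear() take the secret struct by value (the new call is qemuDomainSecretAESClear(secinfo->s.aes, keepAlias)), so VIR_FREE() releases the buffers but only NULLs the pointers in the local copy. That was harmless while the only caller freed the whole secinfo immediately afterwards, but qemuDomainSecretInfoDestroy() leaves the object alive: after it returns, secinfo->s.aes.username, iv and ciphertext still point at freed memory, and a later qemuDomainSecretInfoFree() on the same object frees them a second time. Pass the union members by pointer (&secinfo->s.aes, &secinfo->s.plain) so the fields in the real object are reset, and say in the qemuDomainSecretInfoDestroy() comment that the caller must still call qemuDomainSecretInfoFree() to release the alias.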
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index f76404e1ac..3e139e0c57 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h 
@@ -836,6 +836,8 @@ bool qemuDomainSupportsEncryptedSecret(qemuDomainObjPri= vatePtr priv); void qemuDomainSecretInfoFree(qemuDomainSecretInfoPtr *secinfo) ATTRIBUTE_NONNULL(1); +void qemuDomainSecretInfoDestroy(qemuDomainSecretInfoPtr secinfo); + void qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk) ATTRIBUTE_NONNULL(1); --=20 2.16.2
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:41:05 +0200
Subject: [libvirt] [PATCH 09/38] qemu: domain: Don't delete aliases of secret objects associated with disks

We need to reference the secret objects by name when hot-unplugging disks. Don't remove the alias so that it does not need to be recalculated.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
---
src/qemu/qemu_domain.c | 29 ++++++++++------------------- 1 file changed, 10 insertions(+), 19 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 4318818e85..9ebb5d150c 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c
@@ -1440,31 +1440,23 @@ qemuDomainSecretInfoTLSNew(qemuDomainObjPrivatePtr = priv, } -static void -qemuDomainSecretStorageSourceDestroy(virStorageSourcePtr src) -{ - qemuDomainStorageSourcePrivatePtr srcPriv =3D QEMU_DOMAIN_STORAGE_SOUR= CE_PRIVATE(src); - - if (srcPriv && srcPriv->secinfo) - qemuDomainSecretInfoFree(&srcPriv->secinfo); - - if (srcPriv && srcPriv->encinfo) - qemuDomainSecretInfoFree(&srcPriv->encinfo); -} - - /* qemuDomainSecretDiskDestroy: * @disk: Pointer to a disk definition * - * Clear and destroy memory associated with the secret + * Clears unnecessary data associated with disk secret objects. */ void qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk) { - virStorageSourcePtr next; + qemuDomainStorageSourcePrivatePtr srcPriv; + virStorageSourcePtr n; - for (next =3D disk->src; virStorageSourceIsBacking(next); next =3D nex= t->backingStore) - qemuDomainSecretStorageSourceDestroy(next); + for (n =3D disk->src; virStorageSourceIsBacking(n); n =3D n->backingSt= ore) { + if ((srcPriv =3D QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(n))) { + qemuDomainSecretInfoDestroy(srcPriv->secinfo); + qemuDomainSecretInfoDestroy(srcPriv->encinfo); + } + } } 
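Review bot: qemuDomainSecretDiskDestroy() used to leave srcPriv->secinfo and srcPriv->encinfo NULL (qemuDomainSecretInfoFree(&srcPriv->secinfo)); with qemuDomainSecretInfoDestroy() both pointers stay non-NULL after the secret data is gone. Any code that treats a non-NULL secinfo as "a usable secret is present" will now see an object that holds only an alias, or, for VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN, an object with nothing useful left in it, since keepAlias only affects the AES case. Please audit those checks, consider still freeing plain secinfos here, and extend the function comment to say that the objects remain allocated and where they are finally freed.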
@@ -1698,8 +1690,7 @@ qemuDomainSecretChardevPrepare(virQEMUDriverConfigPtr= cfg, /* qemuDomainSecretDestroy: * @vm: Domain object * - * Once completed with the generation of the command line it is - * expect to remove the secrets + * Removes all unnecessary data which was needed to generate 'secret' obje= cts. */ void qemuDomainSecretDestroy(virDomainObjPtr vm) --=20 2.16.2
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:41:06 +0200
Subject: [libvirt] [PATCH 10/38] qemu: Store and parse disk authentication and encryption secret alias

Rather than trying to figure out which alias was used, store it in the status XML.

Reviewed-by: Ján Tomko
---
src/qemu/qemu_domain.c | 90 +++++++++++++++++++++++++++= ++-- tests/qemustatusxml2xmldata/modern-in.xml | 4 ++ 2 files changed, 90 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 9ebb5d150c..a6494ff5fc 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c
@@ -1991,20 +1991,84 @@ qemuDomainObjPrivateFree(void *data) } +static int +qemuStorageSourcePrivateDataAssignSecinfo(qemuDomainSecretInfoPtr *secinfo, + char **alias) +{ + if (!*alias) + return 0; + + if (!*secinfo) { + if (VIR_ALLOC(*secinfo) < 0) + return -1; + + (*secinfo)->type =3D VIR_DOMAIN_SECRET_INFO_TYPE_AES; + } + + if ((*secinfo)->type =3D=3D VIR_DOMAIN_SECRET_INFO_TYPE_AES) + VIR_STEAL_PTR((*secinfo)->s.aes.alias, *alias); + + return 0; +} + + static int qemuStorageSourcePrivateDataParse(xmlXPathContextPtr ctxt, virStorageSourcePtr src) { + qemuDomainStorageSourcePrivatePtr priv; + char *authalias =3D NULL; + char *encalias =3D NULL; + int ret =3D -1; + src->nodestorage =3D virXPathString("string(./nodenames/nodename[@type= =3D'storage']/@name)", ctxt); src->nodeformat =3D virXPathString("string(./nodenames/nodename[@type= =3D'format']/@name)", ctxt); if (src->pr) src->pr->mgralias =3D virXPathString("string(./reservations/@mgral= ias)", ctxt); + authalias =3D virXPathString("string(./objects/secret[@type=3D'auth']/= @alias)", ctxt); + encalias =3D virXPathString("string(./objects/secret[@type=3D'encrypti= on']/@alias)", ctxt); + + if (authalias || encalias) { + if (!src->privateData && + !(src->privateData =3D qemuDomainStorageSourcePrivateNew())) + goto cleanup; + + priv =3D QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src); + + if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->secinfo, &aut= halias) < 0) + goto cleanup; + + if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->encinfo, &enc= alias) < 0) + goto cleanup; + } + if (virStorageSourcePrivateDataParseRelPath(ctxt, src) < 0) - return -1; + goto cleanup; - return 0; + ret =3D 0; + + cleanup: + VIR_FREE(authalias); + VIR_FREE(encalias); + + return ret; +} + + +static void +qemuStorageSourcePrivateDataFormatSecinfo(virBufferPtr buf, + qemuDomainSecretInfoPtr secinfo, + const char *type) +{ + if (!secinfo || + secinfo->type !=3D VIR_DOMAIN_SECRET_INFO_TYPE_AES || + !secinfo->s.aes.alias) + return; + + 
virBufferAsprintf(buf, "\n", + type, secinfo->s.aes.alias); } @@ -2012,6 +2076,10 @@ static int qemuStorageSourcePrivateDataFormat(virStorageSourcePtr src, virBufferPtr buf) { + virBuffer tmp =3D VIR_BUFFER_INITIALIZER; + qemuDomainStorageSourcePrivatePtr srcPriv =3D QEMU_DOMAIN_STORAGE_SOUR= CE_PRIVATE(src); + int ret =3D -1; + if (src->nodestorage || src->nodeformat) { virBufferAddLit(buf, "\n"); virBufferAdjustIndent(buf, 2); @@ -2025,9 +2093,23 @@ qemuStorageSourcePrivateDataFormat(virStorageSourceP= tr src, virBufferAsprintf(buf, "\n", src->p= r->mgralias); if (virStorageSourcePrivateDataFormatRelPath(src, buf) < 0) - return -1; + goto cleanup; - return 0; + virBufferSetChildIndent(&tmp, buf); + + if (srcPriv) { + qemuStorageSourcePrivateDataFormatSecinfo(&tmp, srcPriv->secinfo, = "auth"); + qemuStorageSourcePrivateDataFormatSecinfo(&tmp, srcPriv->encinfo, = "encryption"); + } + + if (virXMLFormatElement(buf, "objects", NULL, &tmp) < 0) + goto cleanup; + + ret =3D 0; + + cleanup: + virBufferFreeAndReset(&tmp); + return ret; } diff --git a/tests/qemustatusxml2xmldata/modern-in.xml b/tests/qemustatusxm= l2xmldata/modern-in.xml index 5b7e2a34cb..42869261d0 100644 --- a/tests/qemustatusxml2xmldata/modern-in.xml +++ b/tests/qemustatusxml2xmldata/modern-in.xml 
@@ -319,6 +319,10 @@ base.qcow2 + + + + --=20 2.16.2
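Review bot: In the @@ -1991 hunk, qemuStorageSourcePrivateDataAssignSecinfo() allocates a secinfo of type VIR_DOMAIN_SECRET_INFO_TYPE_AES in which only s.aes.alias is set, so after the status XML is parsed the source carries a secret object whose username, iv and ciphertext are NULL, and nothing documents that invariant. Add a doc comment to the helper stating that the object is alias-only and must not be used to build a secret object, so later code does not mistake it for a complete AES secret. The helper also drops the alias silently when an existing secinfo is not of the AES type; a VIR_DEBUG or an explicit comment would show that this is intentional. Separately, the commit message carries a Reviewed-by line but no Signed-off-by, unlike the other patches in the series.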
From: Peter Krempa
To: libvir-list@redhat.com
Date: Wed, 30 May 2018 14:41:07 +0200
Message-Id: <29b25043f8627ed6ac10536028fcad8142986932.1527683836.git.pkrempa@redhat.com>
Subject: [libvirt] [PATCH 11/38] tests: qemustatusxml2xml: Add test data for re-generating LUKS/auth aliases

Add tests for upcoming re-generation of aliases for the secret objects used by qemu when upgrading libvirt.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
---
.../disk-secinfo-upgrade-in.xml | 507 +++++++++++++++++= ++++ .../disk-secinfo-upgrade-out.xml | 507 +++++++++++++++++= ++++ tests/qemuxml2xmltest.c | 1 + 3 files changed, 1015 insertions(+) create mode 100644 tests/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml create mode 100644 tests/qemustatusxml2xmldata/disk-secinfo-upgrade-out.xml diff --git a/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml b/test= s/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml new file mode 100644 index 0000000000..d364fc7644 --- /dev/null +++ b/tests/qemustatusxml2xmldata/disk-secinfo-upgrade-in.xml
@@ -0,0 +1,507 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + upstream + dcf47dbd-46d1-4d5b-b442-262a806a333a + 1024000 + 1024000 + + + + 8 + + + + + /machine + + + hvm + + + + + + + + + + + + + + + + + + + + destroy + restart + restart + + + + + + /usr/bin/qemu-system-x86_64 + + + + + + +
+ + + + + + + + + + + +
+ + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + +
+ + + +
+ + + + +
+ + + + +
+ + + + +
+ + + + + + +
+ + + +
+ + + +
+ + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + + +
+ + + + +
+ + + +
+ + + + + + + + + + + + + +
+ +