1. 16 10月, 2017 1 次提交
    • D
      qemu: ensure TLS clients always verify the server certificate · 9e6bc47b
      Daniel P. Berrange 提交于
      The default_tls_x509_verify (and related) parameters in qemu.conf
      control whether the QEMU TLS servers request & verify certificates
      from clients. This works as a simple access control system for
      servers by requiring the CA to issue certs to permitted clients.
      This use of client certificates is disabled by default, since it
      requires extra work to issue client certificates.
      
      Unfortunately the code was using this configuration parameter when
      setting up both TLS clients and servers in QEMU. The result was that
      TLS clients for character devices and disk devices had verification
      turned off, meaning they would ignore errors while validating the
      server certificate.
      
      This allows for trivial MITM attacks between client and server,
      as any certificate returned by the attacker will be accepted by
      the client.
      
      This is assigned CVE-2017-1000256  / LSN-2017-0002
      Reviewed-by: NEric Blake <eblake@redhat.com>
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      (cherry picked from commit 441d3eb6)
      9e6bc47b
  2. 26 10月, 2016 1 次提交
    • J
      qemu: Add a secret object to/for a char source dev · daf5c651
      John Ferlan 提交于
      Add the secret object so the 'passwordid=' can be added if the command line
      if there's a secret defined in/on the host for TCP chardev TLS objects.
      
      Preparation for the secret involves adding the secinfo to the char source
      device prior to command line processing. There are multiple possibilities
      for TCP chardev source backend usage.
      
      Add test for at least a serial chardev as an example.
      daf5c651
  3. 18 10月, 2016 2 次提交
    • P
      qemu: always generate the same alias for tls-creds-x509 object · df93b5f5
      Pavel Hrdina 提交于
      There was inconsistency between alias used to create tls-creds-x509
      object and alias used to link that object to chardev while hotpluging.
      Hotplug ends with this error:
      
        error: Failed to detach device from channel-tcp.xml
        error: internal error: unable to execute QEMU command 'chardev-add':
        No TLS credentials with id 'objcharchannel3_tls0'
      
      In XML we have for example alias "serial0", but on qemu command line we
      generate "charserial0".
      
      The issue was that code, that creates QMP command to hotplug chardev
      devices uses only the second alias "charserial0" and that alias is also
      used to link the tls-creds-x509 object.
      
      This patch unifies the aliases for tls-creds-x509 to be always generated
      from "charserial0".
      Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
      df93b5f5
    • J
      qemu: Add 'verify-peer=yes' test for chardev TCP TLS · 40b6f919
      John Ferlan 提交于
      Missing the option to set verify-peer to yes
      Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
      40b6f919
  4. 14 9月, 2016 1 次提交
  5. 09 9月, 2016 1 次提交
    • J
      qemu: Add support for TLS X.509 path to TCP chardev backend · ce61c164
      John Ferlan 提交于
      When building a chardev device string for tcp, add the necessary pieces to
      access provide the TLS X.509 path to qemu.  This includes generating the
      'tls-creds-x509' object and then adding the 'tls-creds' parameter to the
      VIR_DOMAIN_CHR_TYPE_TCP command line.
      
      Finally add the tests for the qemu command line. This test will make use
      of the "new(ish)" /etc/pki/qemu setting for a TLS certificate environment
      by *not* "resetting" the chardevTLSx509certdir prior to running the test.
      Also use the default "verify" option (which is "no").
      Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
      ce61c164
  6. 07 7月, 2016 1 次提交
    • P
      qemu: caps: Always assume QEMU_CAPS_SMP_TOPOLOGY · e114b091
      Peter Krempa 提交于
      Support for SMP topology was added by qemu commit dc6b1c09849484fbbc50
      prior to 0.12.0, our minimum supported qemu version.
      
      $ git describe --tags dc6b1c09849484fbbc50803307e4c7a3d81eab62
      v0.11.0-rc0-449-gdc6b1c0
      $ git describe --tags --contains dc6b1c09849484fbbc50803307e4c7a3d81eab
      v0.12.0-rc0~1477
      e114b091
  7. 01 3月, 2016 1 次提交
    • M
      qemu: Shorten per-domain directory names · a89f05ba
      Martin Kletzander 提交于
      Per-domain directories were introduced in order to be able to
      completely separate security labels for each domain (commit
      f1f68ca3).  However when the domain
      name is long (let's say a ridiculous 110 characters), we cannot
      connect to the monitor socket because on length of UNIX socket address
      is limited.  In order to get around this, let's shorten it in similar
      fashion and in order to avoid conflicts, throw in an ID there as well.
      Also save that into the status XML and load the old status XMLs
      properly (to clean up after older domains).  That way we can change it
      in the future.
      
      The shortening can be seen in qemuxml2argv tests, for example in the
      hugepages-pages2 case.
      Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
      a89f05ba
  8. 05 1月, 2016 1 次提交
    • M
      qemu: Specify format= iff disk source is not empty · d7db33bf
      Michal Privoznik 提交于
      Just recently, qemu forbade specifying format for sourceless
      disks (qemu commit 39c4ae941ed992a3bb5). It kind of makes sense.
      If there's no file to open, why specify its format. Anyway, I
      have a domain like this:
      
          <disk type='file' device='cdrom'>
            <driver name='qemu' type='raw'/>
            <target dev='hda' bus='ide'/>
            <readonly/>
            <address type='drive' controller='0' bus='0' target='0' unit='0'/>
          </disk>
      
      and obviously I am unable to start it. Therefore, a fix on our
      side is needed too.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      d7db33bf
  9. 10 11月, 2015 4 次提交
  10. 09 11月, 2015 1 次提交
    • D
      tests: redo test argv file line wrapping · 8afd34f2
      Daniel P. Berrange 提交于
      Back in
      
        commit bd6c46fa
        Author: Juerg Haefliger <juerg.haefliger@hp.com>
        Date:   Mon Jan 31 06:42:57 2011 -0500
      
          tests: handle backspace-newline pairs in test input files
      
      all the test argv files were line wrapped so that the args
      were less than 80 characters.
      
      The way the line wrapping was done turns out to be quite
      undesirable, because it often leaves multiple parameters
      on the same line. If we later need to add or remove
      individual parameters, then it leaves us having to redo
      line wrapping.
      
      This commit changes the line wrapping so that every
      single "-param value" is one its own new line. If the
      "value" is still too long, then we break on ',' or ':'
      or ' ' as needed.
      
      This means that when we come to add / remove parameters
      from the test files line, the patch diffs will only
      ever show a single line added/removed which will greatly
      simplify review work.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      8afd34f2
  11. 03 9月, 2013 1 次提交
    • C
      qemu: Set QEMU_AUDIO_DRV=none with -nographic · a216e648
      Cole Robinson 提交于
      On my machine, a guest fails to boot if it has a sound card, but not
      graphical device/display is configured, because pulseaudio fails to
      initialize since it can't access $HOME.
      
      A workaround is removing the audio device, however on ARM boards there
      isn't any option to do that, so -nographic always fails.
      
      Set QEMU_AUDIO_DRV=none if no <graphics> are configured. Unfortunately
      this has massive test suite fallout.
      
      Add a qemu.conf parameter nographics_allow_host_audio, that if enabled
      will pass through QEMU_AUDIO_DRV from sysconfig (similar to
      vnc_allow_host_audio)
      a216e648
  12. 30 10月, 2012 1 次提交
  13. 11 8月, 2011 1 次提交
    • C
      qemu: Fix -chardev udp if parameters are omitted · d30d5726
      Cole Robinson 提交于
      The following XML:
      
          <serial type='udp'>
            <source mode='connect' service='9999'/>
          </serial>
      
      is accepted by domain_conf.c but maps to the qemu command line:
      
      -chardev udp,host=127.0.0.1,port=2222,localaddr=(null),localport=(null)
      
      qemu can cope with everything omitting except the connection port, which
      seems to also be the intent of domain_conf validation, so let's not
      generate bogus command lines for that case.
      The defaults are empty strings for addresses and 0 for the localport
      
      Additionally, tweak the qemu cli parsing to handle omitted host
      parameters
      for -serial udp
      d30d5726
  14. 07 4月, 2011 1 次提交
  15. 01 2月, 2011 1 次提交
    • J
      tests: handle backspace-newline pairs in test input files · bd6c46fa
      Juerg Haefliger 提交于
      This patch teaches testutil how to read multi-line input files with
      backspace-newline line continuation markers.
      
      The patch also breaks up all the single-line arguments test input files into
      multi-line files with lines shorter than 80 characters.
      bd6c46fa
  16. 28 1月, 2011 1 次提交
    • E
      qemu: use separate alias for chardev and associated device · 3fdc7895
      Eric Blake 提交于
      * src/qemu/qemu_command.c (qemuBuildChrChardevStr): Alter the
      chardev alias.
      (qemuBuildCommandLine): Output an id for the chardev counterpart.
      * tests/qemuxml2argvdata/*: Update tests to match.
      Reported by Daniel P. Berrange.
      3fdc7895
  17. 21 7月, 2010 1 次提交
    • D
      Re-arrange PCI device address assignment to match QEMU's default · 0e308c2c
      Daniel P. Berrange 提交于
      To try and ensure that people upgrading from old QEMU get guests
      with the same PCI device ordering, change the way we assign addrs
      to match QEMU's default order. This should make Windows less
      annoyed.
      
      * src/qemu/qemu_conf.c: Follow QEMU's default PCI ordering
        logic when assigning addresses
      * tests/*.args: Update for changed PCI addresses
      0e308c2c
  18. 23 6月, 2010 1 次提交
    • D
      Add '-nodefconfig' command line arg to QEMU · f310b253
      Daniel P. Berrange 提交于
      We already use the '-nodefaults' command line arg with QEMU to stop
      it adding any default devices to guests. Unfortunately, QEMU will
      load global config files from /etc/qemu that may also add default
      devices. These aren't blocked by '-nodefaults', so we need to also
      add the '-nodefconfig' arg to prevent that.
      
      Unfortunately these global config files are also used to define
      custom CPU models. So in blocking global hardware device addition
      we also block definitions of new CPU models. Libvirt doesn't know
      about these custom CPU models though, so it would never make use
      of them anyway. Thus blocking them via -nodefconfig isn't a show
      stopping problem. We would need to expand libvirt's own CPU model
      XML database to support these instead.
      
      * src/qemu/qemu_conf.c: Add '-nodefconfig' if available
      * tests/qemuxml2argvdata/: Add '-nodefconfig' to all data files which
        have '-nodefaults' present
      f310b253
  19. 18 1月, 2010 2 次提交
    • D
      Convert VirtIO balloon over to -device syntax · b6692414
      Daniel P. Berrange 提交于
      Replace
      
         -balloon virtio
      
      With
      
         -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3
      
      This allows it to get correct assigned PCI address as declared in
      previous patch
      
       * src/qemu/qemu_conf.c: Convert Virtio ballon to -device and
         give it an explicit PCI address
       * tests/qemuxml2argvdata/qemuxml2argv-*args: Add in virtio balloon
         where appropriate
      b6692414
    • D
      Convert character devices over to use -device · 7b2f8cdd
      Daniel P. Berrange 提交于
      The current character device syntax uses either
      
        -serial tty,path=/dev/ttyS2
      
      Or
      
        -chardev tty,id=serial0,path=/dev/ttyS2 -serial chardev:serial0
      
      With the new -device support, we now prefer
      
        -chardev file,id=serial0,path=/tmp/serial.log -device isa-serial,chardev=serial0
      
      This patch changes the existing -chardev syntax to use this new
      scheme, and fallbacks to the old plain -serial syntax for old
      QEMU.
      
      The monitor device changes to
      
        -chardev socket,id=monitor,path=/tmp/test-monitor,server,nowait -mon chardev=monitor
      
      In addition, this patch adds --nodefaults, which kills off the
      default serial, parallel, vga and nic devices. THis avoids the
      need for us to explicitly turn each off
      7b2f8cdd
  20. 14 12月, 2009 1 次提交
    • M
      Make QEMU driver use -chardev everywhere if available · a8eb010e
      Matthew Booth 提交于
      Change -monitor, -serial and -parallel output to use -chardev if it is
      available.
      * src/qemu/qemu_conf.c: Update qemudBuildCommandLine to use -chardev where
        available.
      * tests/qemuxml2argvtest.c tests/qemuxml2argvdata/: Add -chardev equivalents
        for all current serial and parallel tests.
      a8eb010e