- 05 6月, 2018 40 次提交
-
-
由 Peter Krempa 提交于
Some callers will not need to generate the alias again. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
For some reason the function returned an error if secAlias was not passed in. It's not an error, in fact it's desired. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Always parse the 'tls' source field and let the drivers decide whether they support it. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Select protocol using a switch with all cases enumerated. This will simplify checking unsupported protocols and adding new support. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Remove the loop from qemuDomainPrepareDiskSourceTLS and rename it to qemuDomainPrepareStorageSourceTLS. Currently there is no backing chain to prepare so fixing one device is equivalent. In the future it will be reused in a function which will do the looping. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Split out the code into a separate function so that all steps for a storage protocol are contained and the original function is easily extendable. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
When using blockdev the approach to base aliases will change. Add a helper function that will aggregate all code which needs to be called with the disk alias for the -drive to setup internal data. qemuDomainSecretDiskPrepare wrapper is no longer necessary as the contents were moved to a function which is designed to use the old aliases. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Remove the call to the validating function from the function which sets stuff up. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Convert the function to just prepare data for the disk. Callers need to do the looping since there's more to do than just copy the data around. The code path in qemuDomainPrepareDiskSource doesn't need to loop over the chain yet, since there currently is no chain at this point. This will be addressed later in the blockdev series where we will setup much more stuff. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
qemuDomainPrepareDiskSourceChain should set up the disk zero detection mode only for the top level image. Since it's invoked also for the middle of the chain we need to check that it's really only the top level image. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
When restarting libvirt would previously lose the alias of the x509 certificate object. Upon unplug we would then not delete the corresponding objects. Restore the alias if we know it should be there. Luckily for disks we don't support encrypted TLS environment, so there's no need to regenerate the 'secret' alias for decryption. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Libvirt uses the stored alias to detach the TLS x509 object on disk unplug. As the alias was not stored, the object would not be detached if unplugging disks after libvirtd restart. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Using 'haveTLS' to do this is pointless if the alias is not set. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Now that we remember the alias we've used to attach the secret objects we should reuse them rather than trying to infer them from the disk configuration. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Previously we did not store the aliases but rather re-generated them when unplug was necessary. This is very cumbersome since the knowledge when and which alias to use needs to be stored in the hotplug code as well. While this patch will not strictly improve this situation since there still will be two places containing this code it at least will allow to remove the mess from the disk-unplug code and will prevent introducing more mess when adding blockdev support. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Add tests for upcoming re-generation of aliases for the secret objects used by qemu when upgrading libvirt. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Rather than trying to figure out which alias was used, store it in the status XML. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
We need to reference the secret objects by name when hot-unplugging disks. Don't remove the alias so that it does not need to be recalculated. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
It's desired to keep the alias around to allow referencing of the secret object used with qemu. Add set of APIs which will destroy all data except the alias. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Move the logic that determines which secret shall be used into the caller and make this function work only for plain secrets. This untangles the control flow by only checking relevant data. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The encryption secret is setup only for LUKS and thus requires the new approach. Use qemuDomainSecretInfoNew for initializing it. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Some code paths can't use the unencrypted secret. Add a helper which checks and sets up an encrypted secret only and reuse it when setting up the secret to decrypt the TLS private key in qemuDomainSecretInfoTLSNew. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Rename it to qemuDomainSecretInfoNewPlain and annotate that it also may set up a 'plain' secret in some cases. This will eventually be refactored further. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The function checks whether the storage source requires authentication secret setup. Rename it accordingly. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Use qemuDomainSecretStorageSourcePrepare in qemuDomainSecretHostdevPrepare as it uses a virStorageSource to prepare the authentication secret object data. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
This helper checks that the vm has the master key setup and libvirt supports the given encryption algorithm. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The next patch will forbid the old qcow2 encryption completely. Remove it from the tests. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
Change the disk encryption type to qcow2+luks so that the appropriate secret objects are generated. This tests that the proper alias is used for the passphrase secret object. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Peter Krempa 提交于
The disk encryption part is no way relevant to the rest of the test so drop it. Signed-off-by: NPeter Krempa <pkrempa@redhat.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Ján Tomko 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1291851Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Ján Tomko 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1291851Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Ján Tomko 提交于
Introduce a function for comparing two vsock definitions. https://bugzilla.redhat.com/show_bug.cgi?id=1291851Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Ján Tomko 提交于
Allow hotplugging the vsock device. https://bugzilla.redhat.com/show_bug.cgi?id=1291851Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Ján Tomko 提交于
Alter qemuBuildVsockDevStr to allow passing a prefix for the vhostfd file descriptor name. Domain startup uses the numeric value of fd without a prefix, but hotplug will need to use a prefix because passed file descriptor names cannot start with a number. https://bugzilla.redhat.com/show_bug.cgi?id=1291851Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Ján Tomko 提交于
Split out the device string building to allow reuse for hotplug. https://bugzilla.redhat.com/show_bug.cgi?id=1291851Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Jim Fehlig 提交于
Commit 656151bf fixed formatting of the <cmdline> element. Perhaps it would have been noticed and fixed earlier if we had a test. With this change, all possible cases of formatting <cmdline> from xmconfig are covered 1. no 'extra=' or 'root=' in xm.cfg 2. 'extra=' but no 'root=' in xm.cfg 3. 'root=' but no 'extra=' in xm.cfg 4. both 'root=' and 'extra=' in xm.cfg Case 1 is covered by all existing paravirt tests since they have no 'extra=' or 'root='. Case 2 is covered by adding 'extra=' to a few of the existing paravirt tests. Cases 3 and 4 are covered by new tests that only test conversion of xm.cfg to xml. Signed-off-by: NJim Fehlig <jfehlig@suse.com> Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
-
由 Jim Fehlig 提交于
Per-domain log files were introduced in commit a30b08b7. The FILE objects associated with these log files are stored in a hash table using domid as a key. When a domain is shutdown, destroyed, or otherwise powered-off, the FILE object is removed from the hash table, where the free function will close the FILE. Unfortunately the call to remove the FILE from the hash table occurs after setting domid=-1 in the libxlDomainCleanup() function. The object is never removed from the hash table, the free function is never called, and the underlying fd is leaked. Fix by removing the FILE object from the hash table before setting domid=-1. Signed-off-by: NJim Fehlig <jfehlig@suse.com> Reviewed-by: NJán Tomko <jtomko@redhat.com>
-
由 Jiri Denemark 提交于
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Daniel Veillard 提交于
* docs/news.xml: updated for release Signed-off-by: NDaniel Veillard <veillard@redhat.com>
-