- 25 5月, 2016 1 次提交
-
-
由 Ján Tomko 提交于
<os> <acpi> <table type="slic">/path/to/acpi/table/file</table> </acpi> </os> will result in: -acpitable sig=SLIC,file=/path/to/acpi/table/file This option was introduced by QEMU commit 8a92ea2 in 2009. https://bugzilla.redhat.com/show_bug.cgi?id=1327537
-
- 23 5月, 2016 3 次提交
- 20 5月, 2016 10 次提交
-
-
由 John Ferlan 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1182074 If they're available and we need to pass secrets to qemu, then use the qemu domain secret object in order to pass the secrets for RBD volumes instead of passing the base64 encoded secret on the command line. The goal is to make AES secrets the default and have no user interaction required in order to allow using the AES mechanism. If the mechanism is not available, then fall back to the current plain mechanism using a base64 encoded secret. New APIs: qemu_domain.c: qemuDomainGetSecretAESAlias: Generate/return the secret object alias for an AES Secret Info type. This will be called from qemuDomainSecretAESSetup. qemuDomainSecretAESSetup: (private) This API handles the details of the generation of the AES secret and saves the pieces that need to be passed to qemu in order for the secret to be decrypted. The encrypted secret based upon the domain master key, an initialization vector (16 byte random value), and the stored secret. Finally, the requirement from qemu is the IV and encrypted secret are to be base64 encoded. qemu_command.c: qemuBuildSecretInfoProps: (private) Generate/return a JSON properties object for the AES secret to be used by both the command building and eventually the hotplug code in order to add the secret object. Code was designed so that in the future perhaps hotplug could use it if it made sense. qemuBuildObjectSecretCommandLine (private) Generate and add to the command line the -object secret for the secret. This will be required for the subsequent RBD reference to the object. qemuBuildDiskSecinfoCommandLine (private) Handle adding the AES secret object. Adjustments: qemu_domain.c: The qemuDomainSecretSetup was altered to call either the AES or Plain Setup functions based upon whether AES secrets are possible (we have the encryption API) or not, we have secrets, and of course if the protocol source is RBD. qemu_command.c: Adjust the qemuBuildRBDSecinfoURI API's in order to generate the specific command options for an AES secret, such as: -object secret,id=$alias,keyid=$masterKey,data=$base64encodedencrypted, format=base64 -drive file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\ mon_host=mon1.example.org\:6321,password-secret=$alias,... where the 'id=' value is the secret object alias generated by concatenating the disk alias and "-aesKey0". The 'keyid= $masterKey' is the master key shared with qemu, and the -drive syntax will reference that alias as the 'password-secret'. For the -drive syntax, the 'id=myname' is kept to define the username, while the 'key=$base64 encoded secret' is removed. While according to the syntax described for qemu commit '60390a21' or as seen in the email archive: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg04083.html it is possible to pass a plaintext password via a file, the qemu commit 'ac1d8878' describes the more feature rich 'keyid=' option based upon the shared masterKey. Add tests for checking/comparing output. NB: For hotplug, since the hotplug code doesn't add command line arguments, passing the encoded secret directly to the monitor will suffice.
-
由 Pavel Hrdina 提交于
This prepares the code for other listen types. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
Both VNC and SPICE requires the same code to resolve address for listen type network. Remove code duplication and create a new function that will be used in qemuProcessSetupGraphics(). Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
This is required for following patches where new listen types will be introduced. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
We have both in the code. Let's use only one format. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Ján Tomko 提交于
For some disk types (SD), we want to emit the syntax we used for disks before -device was available even if QEMU supports -device. Use the qemuDiskBusNeedsDeviceArg helper to figure out whether to use the old or new syntax.
-
由 Ján Tomko 提交于
Replace the two uses of the withDeviceArg bool in qemuBuildDiskDriveCommandLine and allow this function to be reused in qemuBuildDriveStr.
-
由 Ján Tomko 提交于
We no longer need to handle -usbdevice and the withDeviceArg logic becomes clearer.
-
由 Ján Tomko 提交于
We have stopped supporting Xenner some time ago.
-
由 Ján Tomko 提交于
Since we always asumme support of QEMU_CAPS_DEVICE.
-
- 17 5月, 2016 3 次提交
-
-
由 Andrea Bolognani 提交于
The only QEMU versions that don't have such capability are <0.11, which we no longer support anyway
-
由 Andrea Bolognani 提交于
The only QEMU versions that don't have such capability are <0.11, which we no longer support anyway
-
由 Andrea Bolognani 提交于
The only QEMU versions that don't have such capability are <0.12, which we no longer support anyway. Additionally, this solves the issue of some QEMU binaries being reported as not having such capability just because they lacked the {kvm-}pci-assign QMP object.
-
- 16 5月, 2016 8 次提交
-
-
由 Cole Robinson 提交于
-name guest= is the explicit parameter for passing a VM name. Using it is required to allow a VM with an '=' in the name https://bugzilla.redhat.com/show_bug.cgi?id=1276485
-
由 Cole Robinson 提交于
After this, a default virt-manager VM will startup with a comma in the VM name: https://bugzilla.redhat.com/show_bug.cgi?id=639926
-
由 Cole Robinson 提交于
This path can be dependent on the VM libdir, which contains its name
-
由 Cole Robinson 提交于
Need to convert the local function to virBuffer usage, so we can use qemuBufferEscapeComma
-
由 Cole Robinson 提交于
This isn't sufficient on its own, since the VM name is used for things like monitor paths, which we don't escape yet
-
由 Cole Robinson 提交于
Centralize the magic invocation for escaping commas on the qemu command line, and document it a bit
-
由 Cole Robinson 提交于
QEMU_CAPS_DEVICE is always set nowadays, so we can drop the non-DEVICE code paths
-
由 John Ferlan 提交于
Rather than returning a "char *" indicating perhaps some sized set of characters that is NUL terminated, alter the function to return 0 or -1 for success/failure and add two parameters to handle returning the buffer and it's size. The function no longer encodes the returned secret, rather it returns the unencoded secret forcing callers to make the necessary adjustments. Alter the callers to handle the adjusted model. Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
- 12 5月, 2016 1 次提交
-
-
由 John Ferlan 提交于
The preferred name will be AES not IV, change current references Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
- 10 5月, 2016 1 次提交
-
-
由 Cole Robinson 提交于
This matches how we handle spice gl='no' even if spice GL isn't supported. Not too interesting in practice but I figure we should be consistent
-
- 09 5月, 2016 4 次提交
-
-
由 Peter Krempa 提交于
Extract the relevant parts of the existing checker and reuse them for blockcopy since copying to a non-block device creates an invalid configuration. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1209802
-
由 Peter Krempa 提交于
-
由 Peter Krempa 提交于
In qemuCheckDiskConfig would now use virDomainDiskSourceIsBlockType just as a glorified version of virStorageSourceIsBlockLocal that reports error messages. Replace it with the latter including the message for clarity.
-
由 Peter Krempa 提交于
Commit c820fbff added support for iSCSI disk as backing for <disk device='lun'>. We would not use it for a disk type="volume" with direct access mode which basically maps to direct iSCSI usage. Fix it by adding the storage source type accessor that resolves the volume type.
-
- 06 5月, 2016 3 次提交
-
-
由 Pavel Hrdina 提交于
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 John Ferlan 提交于
Add the data structure and infrastructure to support an initialization vector (IV) secrets. The IV secret generation will need to have access to the domain private master key, so let's make sure the prepare disk and hostdev functions can accept that now. Anywhere that needs to make a decision over which secret type to use in order to fill in or use the IV secret has a switch added. Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
由 John Ferlan 提交于
Create helper API's in order to build the network URI as shortly we will be adding a new SecretInfo type Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
-
- 04 5月, 2016 2 次提交
-
-
由 John Ferlan 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1286709 Now that we have all the pieces in place, we can add the 'iothread=#' to the command line for the (two) controllers that support it (virtio-scsi-pci and virtio-scsi-ccw). Add the tests as well...
-
由 John Ferlan 提交于
Rather than an if statement, use a switch. The switch will also catch the illegal usage of 'iothread' with some other kind of unsupported bus configuration.
-
- 03 5月, 2016 2 次提交
-
-
由 Cole Robinson 提交于
This adds a ports= attribute to usb controller XML, like <controller type='usb' model='nec-xhci' ports='8'/> This maps to: qemu -device nec-usb-xhci,p2=8,p3=8 Meaning, 8 ports that support both usb2 and usb3 devices. Gerd suggested to just expose them as one knob. https://bugzilla.redhat.com/show_bug.cgi?id=1271408
-
由 Ján Tomko 提交于
Use it everywhere except for virQEMUCapsFillDomainFeatureGICCaps.
-
- 02 5月, 2016 2 次提交
-
-
由 Boris Fiuczynski 提交于
If a panic device is being defined without a model in a domain the default value is always overwritten with model ISA. An ISA bus does not exist on S390 and therefore specifying a panic device results in an unsupported configuration. Since the S390 architecture inherently provides a crash detection capability the panic device should be defined in the domain xml. This patch adds an s390 panic device model and prevents setting a device address on it. Signed-off-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com>
-
由 Boris Fiuczynski 提交于
Adding the default bus type ISA to the message. Signed-off-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
-