1. 01 10月, 2018 1 次提交
  2. 31 8月, 2018 4 次提交
  3. 24 8月, 2018 2 次提交
  4. 20 8月, 2018 1 次提交
  5. 15 8月, 2018 3 次提交
  6. 10 8月, 2018 1 次提交
  7. 17 7月, 2018 1 次提交
  8. 16 7月, 2018 1 次提交
  9. 10 7月, 2018 3 次提交
  10. 03 7月, 2018 1 次提交
    • R
      crypto: Implement TLS Pre-Shared Keys (PSK). · e1a6dc91
      Richard W.M. Jones 提交于
      Pre-Shared Keys (PSK) is a simpler mechanism for enabling TLS
      connections than using certificates.  It requires only a simple secret
      key:
      
        $ mkdir -m 0700 /tmp/keys
        $ psktool -u rjones -p /tmp/keys/keys.psk
        $ cat /tmp/keys/keys.psk
        rjones:d543770c15ad93d76443fb56f501a31969235f47e999720ae8d2336f6a13fcbc
      
      The key can be secretly shared between clients and servers.  Clients
      must specify the directory containing the "keys.psk" file and a
      username (defaults to "qemu").  Servers must specify only the
      directory.
      
      Example NBD client:
      
        $ qemu-img info \
          --object tls-creds-psk,id=tls0,dir=/tmp/keys,username=rjones,endpoint=client \
          --image-opts \
          file.driver=nbd,file.host=localhost,file.port=10809,file.tls-creds=tls0,file.export=/
      
      Example NBD server using qemu-nbd:
      
        $ qemu-nbd -t -x / \
          --object tls-creds-psk,id=tls0,endpoint=server,dir=/tmp/keys \
          --tls-creds tls0 \
          image.qcow2
      
      Example NBD server using nbdkit:
      
        $ nbdkit -n -e / -fv \
          --tls=on --tls-psk=/tmp/keys/keys.psk \
          file file=disk.img
      Signed-off-by: NRichard W.M. Jones <rjones@redhat.com>
      Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>
      e1a6dc91
  11. 29 6月, 2018 3 次提交
    • M
      kvm: support -overcommit cpu-pm=on|off · 6f131f13
      Michael S. Tsirkin 提交于
      With this flag, kvm allows guest to control host CPU power state.  This
      increases latency for other processes using same host CPU in an
      unpredictable way, but if decreases idle entry/exit times for the
      running VCPU, so to use it QEMU needs a hint about whether host CPU is
      overcommitted, hence the flag name.
      
      Follow-up patches will expose this capability to guest
      (using mwait leaf).
      
      Based on a patch by Wanpeng Li <kernellwp@gmail.com> .
      Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
      Message-Id: <20180622192148.178309-2-mst@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      6f131f13
    • T
      Deprecate the -enable-hax option · c44df2ff
      Thomas Huth 提交于
      We currently have got three ways of turning on the HAX accelerator:
      "-machine accel=hax", "-accel hax" and "-enable-hax". That's really
      confusing and overloaded. Since "-accel" is our preferred way to enable
      an accelerator nowadays, and "-accel hax" is even less to type than
      "-enable-hax", let's deprecate the "-enable-hax" option now.
      
      Note: While "-enable-kvm" is available since a long time and can hardly be
      removed since it is used in a lot of upper layer tools and scripts, the
      "-enable-hax" option is still rather new and not very widespread yet, so
      I think that it should be OK if we remove this in a couple of releases again
      (we'll see whether someone complains after seeing the deprecation message -
      then we could still reconsider to keep it if there a well-founded reasons).
      Signed-off-by: NThomas Huth <thuth@redhat.com>
      Message-Id: <1529950933-28347-1-git-send-email-thuth@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      c44df2ff
    • E
      qemu-options: Add missing newline to -accel help text · 0b3c5c81
      Eduardo Habkost 提交于
      The newline was removed by commit c97d6d2c, and broke -help output:
      
      Before this patch:
      
        $ qemu-system-x86_64 -help | grep smp
                        thread=single|multi (enable multi-threaded TCG)-smp [...]
      
      After this patch:
      
        $ qemu-system-x86_64 -help  | grep smp
        -smp [cpus=]n[,maxcpus=cpus][,cores=cores][,threads=threads][,sockets=sockets]
      
      Fixes: c97d6d2c
      Cc: Sergio Andres Gomez Del Real <sergio.g.delreal@gmail.com>
      Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
      Message-Id: <20180611195607.3015-1-ehabkost@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      0b3c5c81
  12. 15 6月, 2018 3 次提交
  13. 01 6月, 2018 1 次提交
  14. 31 5月, 2018 1 次提交
    • I
      cli: add --preconfig option · 047f7038
      Igor Mammedov 提交于
      This option allows pausing QEMU in the new RUN_STATE_PRECONFIG state,
      allowing the configuration of QEMU from QMP before the machine jumps
      into board initialization code of machine_run_board_init()
      
      The intent is to allow management to query machine state and additionally
      configure it using previous query results within one QEMU instance
      (i.e. eliminate the need to start QEMU twice, 1st to query board specific
      parameters and 2nd for actual VM start using query results for
      additional parameters).
      
      The new option complements -S option and could be used with or without
      it. The difference is that -S pauses QEMU when the machine is completely
      initialized with all devices wired up and ready to execute guest code
      (QEMU needs only to unpause VCPUs to let guest execute its code),
      while the "preconfig" option pauses QEMU early before board specific init
      callback (machine_run_board_init) is executed and allows the configuration
      of machine parameters which will be used by board init code.
      
      When early introspection/configuration is done, command 'exit-preconfig'
      should be used to exit RUN_STATE_PRECONFIG and transition to the next
      requested state (i.e. if -S is used then QEMU will pause the second
      time when board/device initialization is completed or start guest
      execution if -S isn't provided on CLI)
      
      PS:
      Initially 'preconfig' is planned to be used for configuring numa
      topology depending on board specified possible cpus layout.
      Signed-off-by: NIgor Mammedov <imammedo@redhat.com>
      Reviewed-by: NEric Blake <eblake@redhat.com>
      Message-Id: <1526059483-42847-1-git-send-email-imammedo@redhat.com>
      [ehabkost: Changed "since 2.13" to "since 3.0"]
      Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
      047f7038
  15. 14 5月, 2018 1 次提交
  16. 09 5月, 2018 4 次提交
  17. 27 4月, 2018 1 次提交
  18. 26 4月, 2018 1 次提交
  19. 06 4月, 2018 1 次提交
  20. 30 3月, 2018 1 次提交
    • T
      qemu-doc: Rework the network options chapter to make "-net" less prominent · abbbb035
      Thomas Huth 提交于
      "-net" is clearly a legacy option. Yet we still use it in almost all
      examples in the qemu documentation, and many other spots in the network
      chapter. We should make it less prominent that users are not lured into
      using it so often anymore. So instead of starting the network chapter with
      "-net nic" and documenting "-net <backend>" below "-netdev <backend>"
      everywhere, all the "-net" related documentation is now moved to the end
      of the chapter. The new "-nic" option is moved to the beginning of the
      chapter instead, with a new example that should demonstrate how "-nic"
      can be used to shortcut "-device" with "-netdev". The examples in this
      chapter are changed to use the "-device" and "-netdev" options or
      "-nic" instead of "-net nic -net <backend>".
      
      While we're at it, also remove a legacy remark about very old Linux
      distributions. Also remove the "[...]" from the examples in this chapter
      since we are not using this ellipsis in any other examples in our docu-
      mentation.
      Signed-off-by: NThomas Huth <thuth@redhat.com>
      Signed-off-by: NJason Wang <jasowang@redhat.com>
      abbbb035
  21. 20 3月, 2018 1 次提交
  22. 13 3月, 2018 2 次提交
  23. 06 3月, 2018 1 次提交
    • T
      balloon: Fix documentation of the --balloon parameter and deprecate it · 4060e671
      Thomas Huth 提交于
      There are two issues with the documentation of the --balloon parameter:
      First, "--balloon none" is simply doing nothing. Even if a machine had a
      balloon device by default, this option is not disabling anything, it is
      simply ignored. Thus let's simply drop this option from the documentation
      to avoid to confuse the users (but keep the code in vl.c for backward
      compatibility).
      Second, the documentation claims that "--balloon virtio" is the default
      mode, but this is not true anymore since commit 382f0743.
      Since that commit, the option also has no real use case anymore, since
      you can simply use "--device virtio-balloon" nowadays instead. Thus to
      simplify our complex parameter zoo a little bit, let's deprecate the
      the parameter now and tell the user to use "--device virtio-balloon"
      instead.
      
      Fixes: 382f0743Signed-off-by: NThomas Huth <thuth@redhat.com>
      Message-Id: <1519796303-13257-1-git-send-email-thuth@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      4060e671
  24. 05 3月, 2018 1 次提交
    • T
      net: Add a new convenience option "--nic" to configure default/on-board NICs · 78cd6f7b
      Thomas Huth 提交于
      The legacy "-net" option can be quite confusing for the users since most
      people do not expect to get a "vlan" hub between their emulated guest
      hardware and the host backend. But so far, we are also not able to get
      rid of "-net" completely, since it is the only way to configure on-board
      NICs that can not be instantiated via "-device" yet. It's also a little
      bit shorter to type "-net nic -net tap" instead of "-device xyz,netdev=n1
      -netdev tap,id=n1".
      
      So what we need is a new convenience option that is shorter to type than
      the full -device + -netdev stuff, and which can be used to configure the
      on-board NICs that can not be handled via -device yet. Thus this patch now
      provides such a new option "--nic": It adds an entry in the nd_table to
      configure a on-board / default NIC, creates a host backend and connects
      the two directly, without a confusing "vlan" hub inbetween.
      Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com>
      Signed-off-by: NThomas Huth <thuth@redhat.com>
      Signed-off-by: NJason Wang <jasowang@redhat.com>
      78cd6f7b