Hi Jirka,
At 05/30/2018 10:18 PM, Jiri Denemark wrote:
On Wed, May 30, 2018 at 21:11:35 +0800, Dou Liyang wrote:
Hi Peter,
Thank you for reply.
At 05/30/2018 08:00 PM, Peter Krempa wrote:
[re-adding libvir-list]
On Wed, May 30, 2018 at 19:36:10 +0800, Dou Liyang wrote:
Hi Peter,
Sorry to
On Wed, May 30, 2018 at 04:00:32PM -0400, John Ferlan wrote:
>
> This is way too sparse.
>
> On 05/21/2018 11:00 AM, Martin Kletzander wrote:
> > Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1469338
> >
> > Signed-off-by: Martin Kletzander
> > ---
> > src/qemu/qemu_command.c
Hi Eduardo,
At 05/30/2018 11:55 PM, Eduardo Habkost wrote:
CCing Jiri Denemark, who maintains the CPU code in libvirt.
Thanks, Jirka. he has already given me a detailed explanation. ;-)
On Wed, May 30, 2018 at 06:00:56PM +0800, Dou Liyang wrote:
Hi All,
I am not sure about the update str
On Wed, May 30, 2018 at 18:55:34 -0400, John Ferlan wrote:
>
>
> On 05/30/2018 08:41 AM, Peter Krempa wrote:
> > Use the default TLS env if TLS is required for NBD. The rest of the
> > implementation is rather simple since all pieces were in place.
> >
> > Note that separate configuration knobs
On Wed, May 30, 2018 at 17:50:45 -0400, John Ferlan wrote:
>
>
> On 05/30/2018 08:41 AM, Peter Krempa wrote:
> > Now that we remember the alias we've used to attach the secret objects
> > we should reuse them rather than trying to infer them from the disk
> > configuration.
> >
> > Signed-off-by
On Wed, May 30, 2018 at 17:45:28 -0400, John Ferlan wrote:
>
>
> On 05/30/2018 08:41 AM, Peter Krempa wrote:
> > Previously we did not store the aliases but rather re-generated them
> > when unplug was necessary. This is very cumbersome since the knowledge
> > when and which alias to use needs to
On Wed, May 30, 2018 at 16:14:31 -0400, John Ferlan wrote:
>
>
> On 05/23/2018 10:13 AM, Peter Krempa wrote:
> > The old qcow/qcow2 encryption format is so broken that qemu decided to
> > drop it completely. This series forbids the use of such images even with
> > qemus prior to this and removes
On Wed, May 30, 2018 at 11:58:54PM +0200, Martin Kletzander wrote:
On Wed, May 30, 2018 at 08:01:10PM +0200, Ján Tomko wrote:
On Mon, May 21, 2018 at 05:00:53PM +0200, Martin Kletzander wrote:
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1469338
Signed-off-by: Martin Kletzander
---
s
On 05/27/2018 03:25 PM, Julio Faracco wrote:
> This commit adds some basic structures to support events for volumes as
> libvirt does with pools, networks, domains, secrets, etc. This commit
> add only lifecycle event to be included at create and delete actions.
>
> Signed-off-by: Julio Faracco
On 05/30/2018 08:41 AM, Peter Krempa wrote:
> Use the default TLS env if TLS is required for NBD. The rest of the
> implementation is rather simple since all pieces were in place.
>
> Note that separate configuration knobs in qemu.conf can be added later
> if it's desired to configure them.
>
On 05/30/2018 08:41 AM, Peter Krempa wrote:
> When restarting libvirt would previously lose the alias of the x509
> certificate object. Upon unplug we would then not delete the
> corresponding objects.
>
> Restore the alias if we know it shoudl be there.
>
> Luckily for disks we don't support
On Wed, May 30, 2018 at 08:01:10PM +0200, Ján Tomko wrote:
On Mon, May 21, 2018 at 05:00:53PM +0200, Martin Kletzander wrote:
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1469338
Signed-off-by: Martin Kletzander
---
src/qemu/qemu_command.c | 18
src/qemu/qemu
On 05/30/2018 08:41 AM, Peter Krempa wrote:
> Libvirt uses the stored alias to detach the tlx x509 object on disk
> unplug. As the alias was not stored, the object would not be detached
> if unplugging disks after libvirtd restart.
>
> Signed-off-by: Peter Krempa
> ---
> src/qemu/qemu_domain.
On 05/30/2018 08:41 AM, Peter Krempa wrote:
> Now that we remember the alias we've used to attach the secret objects
> we should reuse them rather than trying to infer them from the disk
> configuration.
>
> Signed-off-by: Peter Krempa
> ---
> src/qemu/qemu_hotplug.c | 43
On 05/30/2018 08:41 AM, Peter Krempa wrote:
> Previously we did not store the aliases but rather re-generated them
> when unplug was necessary. This is very cumbersome since the knowledge
> when and which alias to use needs to be stored in the hotplug code as
> well.
>
> While this patch will n
On 05/30/2018 08:41 AM, Peter Krempa wrote:
> Add tests for upcomming re-generation of aliases for the secret objects
upcoming
John
> used by qemu when upgrading libvirt.
>
> Signed-off-by: Peter Krempa
> ---
> .../disk-secinfo-upgrade-in.xml| 507
> +++
On Wed, May 30, 2018 at 11:02:59AM -0400, John Ferlan wrote:
On 05/21/2018 11:00 AM, Martin Kletzander wrote:
We are still hoping all of such checks will be moved there and this is one small
step in that direction.
One of the things that this is improving is the error message you get when
sta
On 05/30/2018 08:41 AM, Peter Krempa wrote:
> Rather than trying to figure out which alias was used, store it in the
> status XML.
> ---
> src/qemu/qemu_domain.c| 90
> +--
> tests/qemustatusxml2xmldata/modern-in.xml | 4 ++
> 2 files changed, 9
On Tue, May 29, 2018 at 10:06:25AM -0400, John Ferlan wrote:
On 05/29/2018 09:44 AM, Michal Privoznik wrote:
On 05/29/2018 03:38 PM, Martin Kletzander wrote:
On Fri, May 25, 2018 at 09:37:44AM -0500, Eric Blake wrote:
On 05/25/2018 09:17 AM, Michal Privoznik wrote:
We should probably seed
On 05/23/2018 10:13 AM, Peter Krempa wrote:
> The old qcow/qcow2 encryption format is so broken that qemu decided to
> drop it completely. This series forbids the use of such images even with
> qemus prior to this and removes all the cruft necessary to support it.
>
> v2:
> - fixed check to in
This is way too sparse.
On 05/21/2018 11:00 AM, Martin Kletzander wrote:
> Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1469338
>
> Signed-off-by: Martin Kletzander
> ---
> src/qemu/qemu_command.c | 18
> src/qemu/qemu_domain.c| 84 +
---
docs/apps.html.in | 15 +++
1 file changed, 15 insertions(+)
diff --git a/docs/apps.html.in b/docs/apps.html.in
index 863be4ff23..0aa3568eed 100644
--- a/docs/apps.html.in
+++ b/docs/apps.html.in
@@ -466,6 +466,21 @@
minutes. The only requirements for the users are a Web
On Wed, May 30, 2018 at 07:06:25PM +0200, Peter Krempa wrote:
The function generates JSON properties rather than a string so rename
it.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 26 +-
src/qemu/qemu_command.h | 16
src/qemu/qemu_hotplug.c |
On Mon, May 21, 2018 at 05:00:53PM +0200, Martin Kletzander wrote:
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1469338
Signed-off-by: Martin Kletzander
---
src/qemu/qemu_command.c | 18
src/qemu/qemu_domain.c| 84 +++
..
On Mon, May 21, 2018 at 05:00:51PM +0200, Martin Kletzander wrote:
TSEG (Top of Memory Segment) is one of many regions that SMM (System Management
Mode) can occupy. This one, however is special, because a) most of the SMM code
lives in TSEG nowadays and b) QEMU just (well, some time ago) added s
On Wed, May 23, 2018 at 04:13:30PM +0200, Peter Krempa wrote:
Now that the old qcow2 encryption is removed we can safely delete all
this code since it's not needed any more.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_monitor.c | 13 --
src/qemu/qemu_monitor.h | 4 --
src/qemu/
On Wed, May 23, 2018 at 04:13:29PM +0200, Peter Krempa wrote:
The encryption was buggy and qemu actually dropped it upstream. Forbid
it for all versions since it would cause other problems too.
Problems with the old encryption include weak crypto, corruption of
images with blockjobs and a lot of
On Wed, May 23, 2018 at 04:13:28PM +0200, Peter Krempa wrote:
The next patch will forbid the old qcow2 encryption completely. Remove
it from the tests.
Signed-off-by: Peter Krempa
---
.../qemublocktestdata/xml2json/file-qcow2-backing-chain-encryption.json | 2 +-
.../qemublocktestdata/xml2json/f
On Wed, May 23, 2018 at 04:13:27PM +0200, Peter Krempa wrote:
Change the disk encryption type to qcow2+luks so that the appropriate
secret objects are generated. This tests that the proper alias is used
for the passphrase secret object.
Signed-off-by: Peter Krempa
---
tests/qemuxml2argvdata/use
On Wed, May 23, 2018 at 04:13:26PM +0200, Peter Krempa wrote:
The disk encryption part is no way relevant to the rest of the test so
drop it.
Signed-off-by: Peter Krempa
---
tests/qemuxml2argvdata/interface-server.xml | 3 ---
tests/qemuxml2xmloutdata/interface-server.xml | 3 ---
2 files chang
On Wed, May 30, 2018 at 03:56:21PM +0200, Peter Krempa wrote:
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c| 1 +
.../qemublocktestdata/xml2json/network-nbd-tls.json | 20
tests/qemublocktestdata/xml2json/network-nbd-tls.xml | 18 +
On Wed, May 30, 2018 at 02:41:34PM +0200, Peter Krempa wrote:
Use the default TLS env if TLS is required for NBD. The rest of the
implementation is rather simple since all pieces were in place.
Note that separate configuration knobs in qemu.conf can be added later
if it's desired to configure th
On Wed, May 30, 2018 at 03:56:22PM +0200, Peter Krempa wrote:
To keep feature parity, we need to be able to format the PR manager
alias when using blockdev.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 5 +
tests/qemublocktest.c
On Wed, May 30, 2018 at 02:41:32PM +0200, Peter Krempa wrote:
Callers should generate the alias separately.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_hotplug.c | 14 +-
src/qemu/qemu_hotplug.h | 2 --
src/qemu/qemu_migration_params.c | 6 --
3 files changed,
On Wed, May 30, 2018 at 02:41:33PM +0200, Peter Krempa wrote:
Drop the 'vxhs' suffix so other network protocols using TLS can be
put into the same test.
Signed-off-by: Peter Krempa
---
...-drive-network-tlsx509-vxhs.args => disk-drive-network-tlsx509.args} | 0
...sk-drive-network-tlsx509-vxhs.x
On Wed, May 30, 2018 at 02:41:31PM +0200, Peter Krempa wrote:
No callers are using it.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_hotplug.c | 17 +++--
src/qemu/qemu_hotplug.h | 3 +--
src/qemu/qemu_migration_params.c | 2 +-
3 files changed, 9 insertions(+), 13
On Wed, May 30, 2018 at 02:41:30PM +0200, Peter Krempa wrote:
'secinfo' is present also for migrations. Delete the misleading comment.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_hotplug.c | 2 --
1 file changed, 2 deletions(-)
Reviewed-by: Ján Tomko
Jano
signature.asc
Description: Digi
On Wed, May 30, 2018 at 02:41:29PM +0200, Peter Krempa wrote:
Setting up the 'secinfo' for the TLS private key password also generates
the given alias, so we don't need to generate another one.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_hotplug.c | 16
1 file changed, 8 inser
On Wed, May 30, 2018 at 02:41:28PM +0200, Peter Krempa wrote:
The alias of the secret for decrypting the TLS passphrase is useless
besides for TLS setup. Stop passing it around.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_migration.c| 8 ++--
src/qemu/qemu_migration_params.c | 21
On Wed, May 30, 2018 at 02:41:27PM +0200, Peter Krempa wrote:
We make sure that the disk supports TLS when preparing the environment
so there's no need to duplicate checks.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 17 +
1 file changed, 5 insertions(+), 12 deletio
On Wed, May 30, 2018 at 02:41:26PM +0200, Peter Krempa wrote:
Callers need to know the alias anyways so it does not make much sense to
generate it inside of this function.
Note that there's a lingering bad design of this, since the secret
object alias is based on the device name and not on the f
On Wed, May 30, 2018 at 02:41:25PM +0200, Peter Krempa wrote:
qemuBuildTLSx509CommandLine has no business guessing which alias should
be used. The alias needs to be passed in.
Note that there's a lingering bad design of this, since the secret
object alias is based on the device name and not on t
On Wed, May 30, 2018 at 02:41:24PM +0200, Peter Krempa wrote:
Move the TLS object alias setup earlier. Also make sure that the alias
is not overwritten on hotplug.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 3 ---
src/qemu/qemu_domain.c | 14 ++
src/qemu/qemu_hotplug.
On Wed, May 30, 2018 at 02:41:23PM +0200, Peter Krempa wrote:
Some callers will not need to generate the alias again.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_hotplug.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Reviewed-by: Ján Tomko
Jano
signature.asc
Description: Digi
On Wed, May 30, 2018 at 02:41:22PM +0200, Peter Krempa wrote:
For some reason the function returned an error if secAlias was not
passed in. It's not an error, in fact it's desired.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_hotplug.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Re
On Wed, May 30, 2018 at 02:41:21PM +0200, Peter Krempa wrote:
Always parse the 'tls' source field and let the drivers decide whether
they support it.
Signed-off-by: Peter Krempa
---
src/conf/domain_conf.c | 14 --
1 file changed, 4 insertions(+), 10 deletions(-)
Reviewed-by: Ján To
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 31 +++-
src/qemu/qemu_hotplug.c | 77
src/qemu/qemu_hotplug.h | 1 -
src/qemu/qemu_migration_params.c | 3 +-
4 files changed, 45 insertions(+), 67 deletion
On Wed, May 30, 2018 at 02:41:19PM +0200, Peter Krempa wrote:
Remove the loop from qemuDomainPrepareDiskSourceTLS and rename it to
qemuDomainPrepareStorageSourceTLS. Currently there is no backing chain
to prepare so fixing one device is equivalent. In the future it will be
reused in a function wh
On Wed, May 30, 2018 at 02:41:20PM +0200, Peter Krempa wrote:
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 6 ++
1 file changed, 6 insertions(+)
Reviewed-by: Ján Tomko
Jano
signature.asc
Description: Digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https
Note that it's okay to pass NULL to qemuDomainDelTLSObjects in
qemuDomainAddTLSObjects as the tls-creds-x509 object was either not
created or qemu crashed.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 29 +++--
src/qemu/qemu_command.h | 1 +
Signed-off-by: Peter Krempa
---
src/libvirt_private.syms | 1 -
src/qemu/qemu_monitor.c | 34 --
src/qemu/qemu_monitor.h | 5 -
src/util/virqemu.c | 22 --
src/util/virqemu.h | 4
5 files changed, 66 deletions(-)
diff
The function adds the object of a certain type. Change the name so that
we make room for the generic function.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_driver.c | 2 +-
src/qemu/qemu_hotplug.c | 50 -
src/qemu/qemu_monitor.c | 10 +-
The function generates JSON properties rather than a string so rename
it.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 26 +-
src/qemu/qemu_command.h | 16
src/qemu/qemu_hotplug.c | 4 ++--
3 files changed, 23 insertions(+), 23 deletions(-)
Use the new monitor command internal API to allow wrapping of the object
name and alias into the JSON props so that they don't have to be passed
out of band.
The new API also takes a double pointer so that it can be cleared when
the value is consumed so that it does not need to happen in every sin
Signed-off-by: Peter Krempa
---
src/qemu/qemu_driver.c | 14 +-
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 922603a7a3..05a09eb706 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -5806,24 +5806
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 61 +++--
src/qemu/qemu_command.h | 1 -
src/qemu/qemu_hotplug.c | 15 +++-
3 files changed, 27 insertions(+), 50 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_comma
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 53 -
src/qemu/qemu_hotplug.c | 8 +---
2 files changed, 23 insertions(+), 38 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index f728b59659..f604a9e8aa 10
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 30 ++
src/qemu/qemu_hotplug.c | 19 +++
2 files changed, 17 insertions(+), 32 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 5b0e21a425..00fb1a3b32 100644
---
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 76 ++---
src/qemu/qemu_command.h | 2 +-
src/qemu/qemu_hotplug.c | 8 ++
3 files changed, 43 insertions(+), 43 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
s/virQEMUBuildObjectCommandlineFromJSON/virQEMUBuildObjectCommandlineFromJSONType/
The function adds the object of a certain type. Change the name so that
we make room for the generic function.
Signed-off-by: Peter Krempa
---
src/libvirt_private.syms | 2 +-
src/qemu/qemu_command.c | 32 +
Signed-off-by: Peter Krempa
---
src/libvirt_private.syms | 1 +
src/util/virqemu.c | 40
src/util/virqemu.h | 3 +++
3 files changed, 40 insertions(+), 4 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index e2a
This applies on top of the tls/secret alias refactoring series I've
posted earlier today:
https://www.redhat.com/archives/libvir-list/2018-May/msg02174.html
The main idea is to clarify the lifecycle of the objects used on the
monitor and clean up the code using it.
Peter Krempa (13):
qemu: com
On Wed, May 30, 2018 at 02:41:18PM +0200, Peter Krempa wrote:
Select protocol using a swtich with all cases enumerated. This will
switch
simplify checking unsupported protocols and adding new support.
It also renames the variable :P
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c
On Wed, May 30, 2018 at 02:41:17PM +0200, Peter Krempa wrote:
Split out the code into a separate function so that all steps for a
storage protocol are contained and the original function is easily
extendable.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 51 ++
On Wed, May 30, 2018 at 02:41:16PM +0200, Peter Krempa wrote:
When using blockdev the approach to base aliases will change. Add a
helper function that will aggregate all code which needs to be called
with the disk alias for the -drive to setup internal data.
qemuDomainSecretDiskPrepare wrapper i
On Wed, May 30, 2018 at 02:41:14PM +0200, Peter Krempa wrote:
Convert the function to just prepare data for the disk. Callers need to
do the looping since there's more to do than just copy the data around.
The code path in qemuDomainPrepareDiskSource doesn't need to loop over
the chain yet, sinc
On Wed, May 30, 2018 at 18:04:29 +0200, Michal Privoznik wrote:
> While this leak happens in tests only, it is still worth fixing.
>
> ==12962== 2,035 (104 direct, 1,931 indirect) bytes in 1 blocks are definitely
> lost in loss record 325 of 331
> ==12962==at 0x4C2CF26: calloc (vg_replace_mal
On Wed, May 30, 2018 at 02:41:15PM +0200, Peter Krempa wrote:
Remove the call to the validating function from the function which sets
stuff up.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 11 +++
src/qemu/qemu_domain.h | 6 ++
tests/qemublocktest.c | 3 +++
3 files chan
On Wed, May 30, 2018 at 02:41:13PM +0200, Peter Krempa wrote:
qemuDomainPrepareDiskSourceChain should set up the disk zero detection
mode only for the top level image. Since it's invoked also for the
middle of the chain we need to check that it's really only the top level
image.
Signed-off-by: P
On Wed, May 30, 2018 at 02:41:12PM +0200, Peter Krempa wrote:
When restarting libvirt would previously lose the alias of the x509
certificate object. Upon unplug we would then not delete the
corresponding objects.
Restore the alias if we know it shoudl be there.
should
Luckily for disks we
On Wed, May 30, 2018 at 18:04:27 +0200, Michal Privoznik wrote:
> We need to free return value of virXPathString().
>
> ==12962== 37 bytes in 1 blocks are definitely lost in loss record 156 of 331
> ==12962==at 0x4C2AF0F: malloc (vg_replace_malloc.c:299)
> ==12962==by 0x91E8439: strdup (in
On Wed, May 30, 2018 at 18:04:28 +0200, Michal Privoznik wrote:
> There's no point in calling testInitQEMUCaps() (which sets
> info.qemuCaps) only to overwrite (and leak) it on the very next
> line.
>
> ==12962== 296 (208 direct, 88 indirect) bytes in 1 blocks are definitely lost
> in loss record
On Wed, May 30, 2018 at 02:41:10PM +0200, Peter Krempa wrote:
Using 'haveTLS' to do this is pointless if the alias is not set.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_hotplug.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Ján Tomko
Jano
signature.asc
Descriptio
On Wed, May 30, 2018 at 02:41:11PM +0200, Peter Krempa wrote:
Libvirt uses the stored alias to detach the tlx x509 object on disk
s/tlx/TLS/
unplug. As the alias was not stored, the object would not be detached
if unplugging disks after libvirtd restart.
Signed-off-by: Peter Krempa
---
src/
On Wed, May 30, 2018 at 02:41:09PM +0200, Peter Krempa wrote:
Now that we remember the alias we've used to attach the secret objects
we should reuse them rather than trying to infer them from the disk
configuration.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_hotplug.c | 43 --
On Wed, May 30, 2018 at 02:41:08PM +0200, Peter Krempa wrote:
Previously we did not store the aliases but rather re-generated them
when unplug was necessary. This is very cumbersome since the knowledge
when and which alias to use needs to be stored in the hotplug code as
well.
While this patch w
On Wed, May 30, 2018 at 02:41:07PM +0200, Peter Krempa wrote:
Add tests for upcomming re-generation of aliases for the secret objects
used by qemu when upgrading libvirt.
Signed-off-by: Peter Krempa
---
.../disk-secinfo-upgrade-in.xml| 507 +
.../disk-seci
On Wed, May 30, 2018 at 02:41:06PM +0200, Peter Krempa wrote:
Rather than trying to figure out which alias was used, store it in the
status XML.
---
src/qemu/qemu_domain.c| 90 +--
tests/qemustatusxml2xmldata/modern-in.xml | 4 ++
2 files changed, 90
On Wed, May 30, 2018 at 02:41:05PM +0200, Peter Krempa wrote:
We need to reference the secret objects by name when hot-unplugging
disks. Don't remove the alias so that it does not need to be
recalculated.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 29 ++---
On 05/21/2018 11:00 AM, Martin Kletzander wrote:
> Signed-off-by: Martin Kletzander
> ---
> src/qemu/qemu_capabilities.c | 10 +++
> src/qemu/qemu_capabilities.h | 2 +
> .../caps_1.5.3.x86_64.replies | 38 +--
> .../caps_1.5.3.x86_64.
On Wed, May 30, 2018 at 02:41:04PM +0200, Peter Krempa wrote:
It's desired to keep the alias around to allow referencing of the secret
object used with qemu. Add set of APIs which will destroy all data
except the alias.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 43 +++
On Wed, May 30, 2018 at 02:41:03PM +0200, Peter Krempa wrote:
Move the logic that determines which secret shall be used into the
caller and make this function work only for plain secrets.
This untangles the control flow by only checking relevant data.
Signed-off-by: Peter Krempa
---
src/qemu/q
While this leak happens in tests only, it is still worth fixing.
==12962== 2,035 (104 direct, 1,931 indirect) bytes in 1 blocks are definitely
lost in loss record 325 of 331
==12962==at 0x4C2CF26: calloc (vg_replace_malloc.c:711)
==12962==by 0x5D285D5: virAlloc (viralloc.c:144)
==12962==
We need to free return value of virXPathString().
==12962== 37 bytes in 1 blocks are definitely lost in loss record 156 of 331
==12962==at 0x4C2AF0F: malloc (vg_replace_malloc.c:299)
==12962==by 0x91E8439: strdup (in /lib64/libc-2.25.so)
==12962==by 0x5DBD551: virStrdup (virstring.c:97
Ideally, these would be merged before the release. But I don't have
strong opinion on that.
Michal Privoznik (3):
virDomainDefParseXML: Free @tmp when parsing genid
qemuxml2argvtest: Don't initialize qemuCaps twice
virQEMUCapsSetHostModel: Free cpuData before setting it
src/conf/domain_con
There's no point in calling testInitQEMUCaps() (which sets
info.qemuCaps) only to overwrite (and leak) it on the very next
line.
==12962== 296 (208 direct, 88 indirect) bytes in 1 blocks are definitely lost
in loss record 265 of 331
==12962==at 0x4C2CF26: calloc (vg_replace_malloc.c:711)
==12
On Wed, May 30, 2018 at 05:25:27PM +0200, Ján Tomko wrote:
On Wed, May 30, 2018 at 02:41:01PM +0200, Peter Krempa wrote:
Some code paths can't use the unencrypted secret. Add a helper which
checks and sets up an encrypted secret only and reuse it when setting up
the secret to decrypt the TLS pri
On 05/21/2018 11:00 AM, Martin Kletzander wrote:
> TSEG (Top of Memory Segment) is one of many regions that SMM (System
> Management
> Mode) can occupy. This one, however is special, because a) most of the SMM
> code
> lives in TSEG nowadays and b) QEMU just (well, some time ago) added suppor
CCing Jiri Denemark, who maintains the CPU code in libvirt.
On Wed, May 30, 2018 at 06:00:56PM +0800, Dou Liyang wrote:
> Hi All,
>
> I am not sure about the update strategy of CPU models in libvirt.
>
> IMO, It's depend on the CPU model in qemu-kvm, if some CPU models
> were updated in qemu-k
On Wed, May 30, 2018 at 02:41:02PM +0200, Peter Krempa wrote:
The encryption secret is setup only for LUKS and thus requires the new
approach. Use qemuDomainSecretInfoNew for initializing it.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 8
1 file changed, 4 insertions(+), 4
On Wed, May 30, 2018 at 02:41:01PM +0200, Peter Krempa wrote:
Some code paths can't use the unencrypted secret. Add a helper which
checks and sets up an encrypted secret only and reuse it when setting up
the secret to decrypt the TLS private key in qemuDomainSecretInfoTLSNew.
Signed-off-by: Pete
On Wed, May 30, 2018 at 02:41:00PM +0200, Peter Krempa wrote:
Rename it to qemuDomainSecretInfoNewPlain and annotate that it also may
set up a 'plain' secret in some cases. This will eventually be
refactored further.
I trust that you will make the actions match the name in future patches.
Si
On Wed, May 30, 2018 at 02:40:59PM +0200, Peter Krempa wrote:
The function checks whether the storage source requires authentication
secret setup. Rename it accordingly.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 4 ++--
src/qemu/qemu_domain.h | 2 +-
src/qemu/qemu_hotplug.c | 4 +
On Wed, May 30, 2018 at 02:40:58PM +0200, Peter Krempa wrote:
Use qemuDomainSecretStorageSourcePrepare in
qemuDomainSecretHostdevPrepare as it uses a virStorageSource to prepare
the authentication secret object data.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 15 ++-
1
On 05/21/2018 11:00 AM, Martin Kletzander wrote:
> We are still hoping all of such checks will be moved there and this is one
> small
> step in that direction.
>
> One of the things that this is improving is the error message you get when
> starting a domain with SMM and i440fx, for example.
On Wed, May 30, 2018 at 02:40:57PM +0200, Peter Krempa wrote:
This helper checks that the vm has the master key setup and libvirt
supports the given encryption algorithm.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 19 +--
src/qemu/qemu_domain.h | 2 ++
2 files chang
Introduce a function for comparing two vsock definitions.
https://bugzilla.redhat.com/show_bug.cgi?id=1291851
Signed-off-by: Ján Tomko
---
src/conf/domain_conf.c | 18 ++
src/conf/domain_conf.h | 3 +++
src/libvirt_private.syms | 1 +
3 files changed, 22 insertions(+)
dif
https://bugzilla.redhat.com/show_bug.cgi?id=1291851
Signed-off-by: Ján Tomko
---
src/qemu/qemu_driver.c | 22 --
1 file changed, 20 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index e030a9e095..6496fe4719 100644
--- a/src/qemu/q
https://bugzilla.redhat.com/show_bug.cgi?id=1291851
Signed-off-by: Ján Tomko
---
src/qemu/qemu_driver.c | 5 +++-
src/qemu/qemu_hotplug.c | 68 -
src/qemu/qemu_hotplug.h | 3 +++
3 files changed, 74 insertions(+), 2 deletions(-)
diff --git a/sr
Allow hotplugging the vsock device.
https://bugzilla.redhat.com/show_bug.cgi?id=1291851
Signed-off-by: Ján Tomko
---
src/qemu/qemu_driver.c | 9 ++-
src/qemu/qemu_hotplug.c | 70 +
src/qemu/qemu_hotplug.h | 4 +++
3 files changed, 82 insert
1 - 100 of 194 matches
Mail list logo
