|
 |
0310fa |
From d003f242c8dd06903146604442e633fc286f88ba Mon Sep 17 00:00:00 2001
|
|
|
0310fa |
Message-Id: <d003f242c8dd06903146604442e633fc286f88ba@dist-git>
|
|
|
0310fa |
From: Gema Gomez <gema.gomez-solano@linaro.org>
|
|
|
0310fa |
Date: Wed, 21 Dec 2016 15:55:41 -0500
|
|
|
0310fa |
Subject: [PATCH] qemu: Add support for using AES secret for SCSI hotplug
|
|
|
0310fa |
|
|
|
0310fa |
https://bugzilla.redhat.com/show_bug.cgi?id=1406442
|
|
|
0310fa |
|
|
|
0310fa |
Support for virtio disks was added in commit id 'fceeeda', but not for
|
|
|
0310fa |
SCSI drives. Add the secret for the server when hotplugging a SCSI drive.
|
|
|
0310fa |
No need to make any adjustments for unplug since that's handled during
|
|
|
0310fa |
the qemuDomainDetachDiskDevice call to qemuDomainRemoveDiskDevice in
|
|
|
0310fa |
the qemuDomainDetachDeviceDiskLive switch.
|
|
|
0310fa |
|
|
|
0310fa |
Added a test to/for the command line processing to show the command line
|
|
|
0310fa |
options when adding a SCSI drive for the guest.
|
|
|
0310fa |
|
|
|
0310fa |
(cherry picked from commit 0701abcb3ba78ba27cf1f47e01b3d9607ad37b72)
|
|
|
0310fa |
|
|
|
0310fa |
Resolved conflict since upstream commit id '97ca6eed9a' is not present
|
|
|
0310fa |
(just remove the drivealias changes)
|
|
|
0310fa |
|
|
|
0310fa |
https://bugzilla.redhat.com/show_bug.cgi?id=1411398
|
|
|
0310fa |
|
|
|
0310fa |
Signed-off-by: John Ferlan <jferlan@redhat.com>
|
|
|
0310fa |
---
|
|
|
0310fa |
src/qemu/qemu_hotplug.c | 21 +++++++++++++++++++++
|
|
|
0310fa |
...emuxml2argv-disk-drive-network-rbd-auth-AES.args | 14 ++++++++++++--
|
|
|
0310fa |
...qemuxml2argv-disk-drive-network-rbd-auth-AES.xml | 13 +++++++++++++
|
|
|
0310fa |
tests/qemuxml2argvtest.c | 2 +-
|
|
|
0310fa |
4 files changed, 47 insertions(+), 3 deletions(-)
|
|
|
0310fa |
|
|
|
0310fa |
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
|
|
|
0310fa |
index 58d25ca0e..967c7c0b7 100644
|
|
|
0310fa |
--- a/src/qemu/qemu_hotplug.c
|
|
|
0310fa |
+++ b/src/qemu/qemu_hotplug.c
|
|
|
0310fa |
@@ -594,12 +594,15 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
|
|
|
0310fa |
char *devstr = NULL;
|
|
|
0310fa |
bool driveAdded = false;
|
|
|
0310fa |
bool encobjAdded = false;
|
|
|
0310fa |
+ bool secobjAdded = false;
|
|
|
0310fa |
int ret = -1;
|
|
|
0310fa |
int rv;
|
|
|
0310fa |
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
|
|
|
0310fa |
virJSONValuePtr encobjProps = NULL;
|
|
|
0310fa |
+ virJSONValuePtr secobjProps = NULL;
|
|
|
0310fa |
qemuDomainDiskPrivatePtr diskPriv;
|
|
|
0310fa |
qemuDomainSecretInfoPtr encinfo;
|
|
|
0310fa |
+ qemuDomainSecretInfoPtr secinfo;
|
|
|
0310fa |
|
|
|
0310fa |
if (qemuDomainPrepareDisk(driver, vm, disk, NULL, false) < 0)
|
|
|
0310fa |
goto cleanup;
|
|
|
0310fa |
@@ -631,6 +634,12 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
|
|
|
0310fa |
goto error;
|
|
|
0310fa |
|
|
|
0310fa |
diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
|
|
|
0310fa |
+ secinfo = diskPriv->secinfo;
|
|
|
0310fa |
+ if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES) {
|
|
|
0310fa |
+ if (qemuBuildSecretInfoProps(secinfo, &secobjProps) < 0)
|
|
|
0310fa |
+ goto error;
|
|
|
0310fa |
+ }
|
|
|
0310fa |
+
|
|
|
0310fa |
encinfo = diskPriv->encinfo;
|
|
|
0310fa |
if (encinfo && qemuBuildSecretInfoProps(encinfo, &encobjProps) < 0)
|
|
|
0310fa |
goto error;
|
|
|
0310fa |
@@ -646,6 +655,15 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
|
|
|
0310fa |
|
|
|
0310fa |
qemuDomainObjEnterMonitor(driver, vm);
|
|
|
0310fa |
|
|
|
0310fa |
+ if (secobjProps) {
|
|
|
0310fa |
+ rv = qemuMonitorAddObject(priv->mon, "secret", secinfo->s.aes.alias,
|
|
|
0310fa |
+ secobjProps);
|
|
|
0310fa |
+ secobjProps = NULL; /* qemuMonitorAddObject consumes */
|
|
|
0310fa |
+ if (rv < 0)
|
|
|
0310fa |
+ goto exit_monitor;
|
|
|
0310fa |
+ secobjAdded = true;
|
|
|
0310fa |
+ }
|
|
|
0310fa |
+
|
|
|
0310fa |
if (encobjProps) {
|
|
|
0310fa |
rv = qemuMonitorAddObject(priv->mon, "secret", encinfo->s.aes.alias,
|
|
|
0310fa |
encobjProps);
|
|
|
0310fa |
@@ -671,6 +689,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
|
|
|
0310fa |
ret = 0;
|
|
|
0310fa |
|
|
|
0310fa |
cleanup:
|
|
|
0310fa |
+ virJSONValueFree(secobjProps);
|
|
|
0310fa |
virJSONValueFree(encobjProps);
|
|
|
0310fa |
qemuDomainSecretDiskDestroy(disk);
|
|
|
0310fa |
VIR_FREE(devstr);
|
|
|
0310fa |
@@ -684,6 +703,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
|
|
|
0310fa |
VIR_WARN("qemuMonitorAddDevice failed on %s (%s)", drivestr, devstr);
|
|
|
0310fa |
|
|
|
0310fa |
orig_err = virSaveLastError();
|
|
|
0310fa |
+ if (secobjAdded)
|
|
|
0310fa |
+ ignore_value(qemuMonitorDelObject(priv->mon, secinfo->s.aes.alias));
|
|
|
0310fa |
if (encobjAdded)
|
|
|
0310fa |
ignore_value(qemuMonitorDelObject(priv->mon, encinfo->s.aes.alias));
|
|
|
0310fa |
if (orig_err) {
|
|
|
0310fa |
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
|
|
|
0310fa |
index dd66388f8..57b3d88a7 100644
|
|
|
0310fa |
--- a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
|
|
|
0310fa |
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
|
|
|
0310fa |
@@ -18,6 +18,7 @@ file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
|
|
|
0310fa |
-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \
|
|
|
0310fa |
-no-acpi \
|
|
|
0310fa |
-boot c \
|
|
|
0310fa |
+-device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x3 \
|
|
|
0310fa |
-usb \
|
|
|
0310fa |
-drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \
|
|
|
0310fa |
-device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
|
|
|
0310fa |
@@ -28,5 +29,14 @@ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
|
0310fa |
mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:6322,\
|
|
|
0310fa |
file.password-secret=virtio-disk0-secret0,format=raw,if=none,\
|
|
|
0310fa |
id=drive-virtio-disk0' \
|
|
|
0310fa |
--device virtio-blk-pci,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,\
|
|
|
0310fa |
-id=virtio-disk0
|
|
|
0310fa |
+-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
|
|
|
0310fa |
+id=virtio-disk0 \
|
|
|
0310fa |
+-object secret,id=scsi0-0-0-0-secret0,\
|
|
|
0310fa |
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
|
|
|
0310fa |
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
|
0310fa |
+-drive 'file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\
|
|
|
0310fa |
+mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:\
|
|
|
0310fa |
+6322,file.password-secret=scsi0-0-0-0-secret0,format=raw,if=none,\
|
|
|
0310fa |
+id=drive-scsi0-0-0-0,cache=none' \
|
|
|
0310fa |
+-device scsi-disk,bus=scsi0.0,channel=0,scsi-id=0,lun=0,\
|
|
|
0310fa |
+drive=drive-scsi0-0-0-0,id=scsi0-0-0-0
|
|
|
0310fa |
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
|
|
|
0310fa |
index ac2e94209..885fb1127 100644
|
|
|
0310fa |
--- a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
|
|
|
0310fa |
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
|
|
|
0310fa |
@@ -32,7 +32,20 @@
|
|
|
0310fa |
</source>
|
|
|
0310fa |
<target dev='vda' bus='virtio'/>
|
|
|
0310fa |
</disk>
|
|
|
0310fa |
+ <disk type='network' device='disk'>
|
|
|
0310fa |
+ <driver name='qemu' type='raw' cache='none'/>
|
|
|
0310fa |
+ <auth username='myname'>
|
|
|
0310fa |
+ <secret type='ceph' usage='mycluster_myname'/>
|
|
|
0310fa |
+ </auth>
|
|
|
0310fa |
+ <source protocol='rbd' name='pool/image'>
|
|
|
0310fa |
+ <host name='mon1.example.org' port='6321'/>
|
|
|
0310fa |
+ <host name='mon2.example.org' port='6322'/>
|
|
|
0310fa |
+ <host name='mon3.example.org' port='6322'/>
|
|
|
0310fa |
+ </source>
|
|
|
0310fa |
+ <target bus='scsi' dev='sda'/>
|
|
|
0310fa |
+ </disk>
|
|
|
0310fa |
<controller type='usb' index='0'/>
|
|
|
0310fa |
+ <controller type='scsi' index='0' model='virtio-scsi'/>
|
|
|
0310fa |
<controller type='ide' index='0'/>
|
|
|
0310fa |
<controller type='pci' index='0' model='pci-root'/>
|
|
|
0310fa |
<input type='mouse' bus='ps2'/>
|
|
|
0310fa |
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
|
|
|
0310fa |
index f48632b70..dc5580e02 100644
|
|
|
0310fa |
--- a/tests/qemuxml2argvtest.c
|
|
|
0310fa |
+++ b/tests/qemuxml2argvtest.c
|
|
|
0310fa |
@@ -827,7 +827,7 @@ mymain(void)
|
|
|
0310fa |
DO_TEST("disk-drive-network-rbd-auth", NONE);
|
|
|
0310fa |
# ifdef HAVE_GNUTLS_CIPHER_ENCRYPT
|
|
|
0310fa |
DO_TEST("disk-drive-network-rbd-auth-AES",
|
|
|
0310fa |
- QEMU_CAPS_OBJECT_SECRET);
|
|
|
0310fa |
+ QEMU_CAPS_OBJECT_SECRET, QEMU_CAPS_VIRTIO_SCSI);
|
|
|
0310fa |
# endif
|
|
|
0310fa |
DO_TEST("disk-drive-network-rbd-ipv6", NONE);
|
|
|
0310fa |
DO_TEST_FAILURE("disk-drive-network-rbd-no-colon", NONE);
|
|
|
0310fa |
--
|
|
|
0310fa |
2.11.1
|
|
|
0310fa |
|