rpms / libvirt

Clone
Source Code
GIT

Files

  1.   5c27b6f1e341d9ef41aa55f4a97a4d40d46229a3
  2.   SOURCES
  3.   libvirt-qemu-Add-support-for-using-AES-secret-for-SCSI-hotplug.patch
Blob Blame History Raw 
From d003f242c8dd06903146604442e633fc286f88ba Mon Sep 17 00:00:00 2001
Message-Id: <d003f242c8dd06903146604442e633fc286f88ba@dist-git>
From: Gema Gomez <gema.gomez-solano@linaro.org>
Date: Wed, 21 Dec 2016 15:55:41 -0500
Subject: [PATCH] qemu: Add support for using AES secret for SCSI hotplug

https://bugzilla.redhat.com/show_bug.cgi?id=1406442

Support for virtio disks was added in commit id 'fceeeda', but not for
SCSI drives. Add the secret for the server when hotplugging a SCSI drive.
No need to make any adjustments for unplug since that's handled during
the qemuDomainDetachDiskDevice call to qemuDomainRemoveDiskDevice in
the qemuDomainDetachDeviceDiskLive switch.

Added a test to/for the command line processing to show the command line
options when adding a SCSI drive for the guest.

(cherry picked from commit 0701abcb3ba78ba27cf1f47e01b3d9607ad37b72)

Resolved conflict since upstream commit id '97ca6eed9a' is not present
(just remove the drivealias changes)

https://bugzilla.redhat.com/show_bug.cgi?id=1411398

Signed-off-by: John Ferlan <jferlan@redhat.com>
---
 src/qemu/qemu_hotplug.c                             | 21 +++++++++++++++++++++
 ...emuxml2argv-disk-drive-network-rbd-auth-AES.args | 14 ++++++++++++--
 ...qemuxml2argv-disk-drive-network-rbd-auth-AES.xml | 13 +++++++++++++
 tests/qemuxml2argvtest.c                            |  2 +-
 4 files changed, 47 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 58d25ca0e..967c7c0b7 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -594,12 +594,15 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
     char *devstr = NULL;
     bool driveAdded = false;
     bool encobjAdded = false;
+    bool secobjAdded = false;
     int ret = -1;
     int rv;
     virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
     virJSONValuePtr encobjProps = NULL;
+    virJSONValuePtr secobjProps = NULL;
     qemuDomainDiskPrivatePtr diskPriv;
     qemuDomainSecretInfoPtr encinfo;
+    qemuDomainSecretInfoPtr secinfo;
 
     if (qemuDomainPrepareDisk(driver, vm, disk, NULL, false) < 0)
         goto cleanup;
@@ -631,6 +634,12 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
         goto error;
 
     diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
+    secinfo = diskPriv->secinfo;
+    if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES) {
+        if (qemuBuildSecretInfoProps(secinfo, &secobjProps) < 0)
+            goto error;
+    }
+
     encinfo = diskPriv->encinfo;
     if (encinfo && qemuBuildSecretInfoProps(encinfo, &encobjProps) < 0)
         goto error;
@@ -646,6 +655,15 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
 
     qemuDomainObjEnterMonitor(driver, vm);
 
+    if (secobjProps) {
+        rv = qemuMonitorAddObject(priv->mon, "secret", secinfo->s.aes.alias,
+                                  secobjProps);
+        secobjProps = NULL; /* qemuMonitorAddObject consumes */
+        if (rv < 0)
+            goto exit_monitor;
+        secobjAdded = true;
+    }
+
     if (encobjProps) {
         rv = qemuMonitorAddObject(priv->mon, "secret", encinfo->s.aes.alias,
                                   encobjProps);
@@ -671,6 +689,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
     ret = 0;
 
  cleanup:
+    virJSONValueFree(secobjProps);
     virJSONValueFree(encobjProps);
     qemuDomainSecretDiskDestroy(disk);
     VIR_FREE(devstr);
@@ -684,6 +703,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
         VIR_WARN("qemuMonitorAddDevice failed on %s (%s)", drivestr, devstr);
 
     orig_err = virSaveLastError();
+    if (secobjAdded)
+        ignore_value(qemuMonitorDelObject(priv->mon, secinfo->s.aes.alias));
     if (encobjAdded)
         ignore_value(qemuMonitorDelObject(priv->mon, encinfo->s.aes.alias));
     if (orig_err) {
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
index dd66388f8..57b3d88a7 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
@@ -18,6 +18,7 @@ file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
 -monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \
 -no-acpi \
 -boot c \
+-device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x3 \
 -usb \
 -drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \
 -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
@@ -28,5 +29,14 @@ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:6322,\
 file.password-secret=virtio-disk0-secret0,format=raw,if=none,\
 id=drive-virtio-disk0' \
--device virtio-blk-pci,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,\
-id=virtio-disk0
+-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
+id=virtio-disk0 \
+-object secret,id=scsi0-0-0-0-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive 'file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\
+mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:\
+6322,file.password-secret=scsi0-0-0-0-secret0,format=raw,if=none,\
+id=drive-scsi0-0-0-0,cache=none' \
+-device scsi-disk,bus=scsi0.0,channel=0,scsi-id=0,lun=0,\
+drive=drive-scsi0-0-0-0,id=scsi0-0-0-0
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
index ac2e94209..885fb1127 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
@@ -32,7 +32,20 @@
       </source>
       <target dev='vda' bus='virtio'/>
     </disk>
+    <disk type='network' device='disk'>
+      <driver name='qemu' type='raw' cache='none'/>
+      <auth username='myname'>
+        <secret type='ceph' usage='mycluster_myname'/>
+      </auth>
+      <source protocol='rbd' name='pool/image'>
+        <host name='mon1.example.org' port='6321'/>
+        <host name='mon2.example.org' port='6322'/>
+        <host name='mon3.example.org' port='6322'/>
+      </source>
+      <target bus='scsi' dev='sda'/>
+    </disk>
     <controller type='usb' index='0'/>
+    <controller type='scsi' index='0' model='virtio-scsi'/>
     <controller type='ide' index='0'/>
     <controller type='pci' index='0' model='pci-root'/>
     <input type='mouse' bus='ps2'/>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index f48632b70..dc5580e02 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -827,7 +827,7 @@ mymain(void)
     DO_TEST("disk-drive-network-rbd-auth", NONE);
 # ifdef HAVE_GNUTLS_CIPHER_ENCRYPT
     DO_TEST("disk-drive-network-rbd-auth-AES",
-            QEMU_CAPS_OBJECT_SECRET);
+            QEMU_CAPS_OBJECT_SECRET, QEMU_CAPS_VIRTIO_SCSI);
 # endif
     DO_TEST("disk-drive-network-rbd-ipv6", NONE);
     DO_TEST_FAILURE("disk-drive-network-rbd-no-colon", NONE);
-- 
2.11.1

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation