[libvirt] [PATCH v2 00/12] Add IV Secret Object support
John Ferlan
jferlan at redhat.com
Tue Apr 26 13:47:07 UTC 2016
On 04/16/2016 10:17 AM, John Ferlan wrote:
> v1: http://www.redhat.com/archives/libvir-list/2016-April/msg00596.html
>
> Differences since v1:
>
> - Add qemuBuildiSCSICommandLine (and BuildDiskiSCSI && BuildHostdeviSCSI)
> These will do the magic necessary in order to support IV secret objects
> for the impending iSCSI -drive argument. This API doesn't require any
> qemu patches in order to work AFAICT. I also determined that the "id="
> *isn't* required for an '-iscsi ...' argument, which made using the
> complete 'path' string for 'initiator-name' possible. The other option
> was to break it up and pass the "iqn.*" string as the initiator-name
> and a "modified" remaining string as the "id=" parameter. The modified
> would be to ensure only alphanumeric, '-', '.', and '_' characters are
> in the 'id=' string.
>
> - Fix up some logic found while actually working through the tests. Some
> of it related to what was found for the 'iscsi' options. A couple of
> other minor nits.
>
> - Add tests and mocks for virRandomBytes and gnutls_rnd (note: the former
> could be used to "randomly" (hah!) generate a UUID of all '0xff').
> A mock of 'gnutls_encrypt' is not necessary since, it can only be called
> if the function gnutls_encrypt exists *and* we have a secret object
> capability. Not having a mock function allows us to validate that
> gnutls_encrypt actually generates a value we expect based on some
> less than stellar and totally non random key's!
>
> - Remove the hotplug IV code (I've saved it off for future expansion).
> Although not needing to do hotplug probably means patches 6-9 are not
> required, but still I think better than the existing so I kept them
> even though they have nothing to do with IV secrets (they'd need to
> go in after patches 1-5 anyways).
>
> - Ran the changes through the coverity checker...
>
> John Ferlan (12):
> qemu: Introduce qemuDomainSecretInfo
> qemu: Introduce qemuDomainSecretPrepare and Destroy
> qemu: Introduce qemuDomainHostdevPrivatePtr
> qemu: Introduce qemuDomainSecretHostdevPrepare and Destroy
> qemu: Use qemuDomainSecretInfoPtr in qemuBuildNetworkDriveURI
> qemu: hotplug: Assume support for -device for attach virtio disk
> qemu: hotplug: Adjust error path for attach scsi disk
> qemu: hotplug: Adjust error path for attach virtio disk
> qemu: hotplug: Adjust error path for attach hostdev scsi disk
> qemu: hotplug: Fix possible memory leak of props
> qemu: Introduce qemuDomainSecretIV
> qemu: Utilize qemu secret objects for SCSI/RBD auth/secret
>
> configure.ac | 1 +
> src/conf/domain_conf.c | 33 +-
> src/conf/domain_conf.h | 5 +-
> src/lxc/lxc_native.c | 4 +-
> src/qemu/qemu_alias.c | 23 +
> src/qemu/qemu_alias.h | 2 +
> src/qemu/qemu_command.c | 445 ++++++++++++++----
> src/qemu/qemu_command.h | 13 +-
> src/qemu/qemu_domain.c | 516 ++++++++++++++++++++-
> src/qemu/qemu_domain.h | 81 +++-
> src/qemu/qemu_driver.c | 13 +-
> src/qemu/qemu_hotplug.c | 247 +++++-----
> src/qemu/qemu_hotplug.h | 4 +-
> src/qemu/qemu_parse_command.c | 4 +-
> src/qemu/qemu_process.c | 13 +-
> src/vbox/vbox_common.c | 4 +-
> src/xenconfig/xen_common.c | 4 +-
> src/xenconfig/xen_sxpr.c | 4 +-
> ...uxml2argv-disk-drive-network-iscsi-auth-IV.args | 39 ++
> ...muxml2argv-disk-drive-network-iscsi-auth-IV.xml | 43 ++
> ...emuxml2argv-disk-drive-network-rbd-auth-IV.args | 31 ++
> ...qemuxml2argv-disk-drive-network-rbd-auth-IV.xml | 42 ++
> ...emuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args | 41 ++
> ...qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml | 48 ++
> ...xml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args | 43 ++
> ...uxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml | 48 ++
> tests/qemuxml2argvmock.c | 31 +-
> tests/qemuxml2argvtest.c | 19 +
> tests/virhostdevtest.c | 3 +-
> 29 files changed, 1557 insertions(+), 247 deletions(-)
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.xml
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.xml
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml
>
ping?
Note there are parts of this that will repeat Peter's just posted series
to remove QEMU_CAPS_DEVICE from qemu_hotplug.c.
Even if the IV specific portions of this change (last two patches) don't
make the release, it still would be "nice" to get the rest in...
Tks -
John
More information about the libvir-list
mailing list