[libvirt] [PATCH v2 00/12] Add IV Secret Object support

John Ferlan jferlan at redhat.com
Mon May 2 10:34:41 UTC 2016



On 04/16/2016 10:17 AM, John Ferlan wrote:
> v1: http://www.redhat.com/archives/libvir-list/2016-April/msg00596.html
> 
> Differences since v1:
> 
>  - Add qemuBuildiSCSICommandLine (and BuildDiskiSCSI && BuildHostdeviSCSI)
>    These will do the magic necessary in order to support IV secret objects
>    for the impending iSCSI -drive argument. This API doesn't require any
>    qemu patches in order to work AFAICT. I also determined that the "id="
>    *isn't* required for an '-iscsi ...' argument, which made using the
>    complete 'path' string for 'initiator-name' possible. The other option
>    was to break it up and pass the "iqn.*" string as the initiator-name
>    and a "modified" remaining string as the "id=" parameter. The modified
>    would be to ensure only alphanumeric, '-', '.', and '_' characters are
>    in the 'id=' string.
> 
>  - Fix up some logic found while actually working through the tests. Some
>    of it related to what was found for the 'iscsi' options.  A couple of
>    other minor nits.
> 
>  - Add tests and mocks for virRandomBytes and gnutls_rnd (note: the former
>    could be used to "randomly" (hah!) generate a UUID of all '0xff').
>    A mock of 'gnutls_encrypt' is not necessary, since it can only be called
>    if the function gnutls_encrypt exists *and* we have a secret object
>    capability.  Not having a mock function allows us to validate that
>    gnutls_encrypt actually generates a value we expect based on some
>    less than stellar and totally non-random keys!
> 
>  - Remove the hotplug IV code (I've saved it off for future expansion).
>    Although not needing to do hotplug probably means patches 6-9 are not
>    required, but still I think better than the existing so I kept them
>    even though they have nothing to do with IV secrets (they'd need to
>    go in after patches 1-5 anyways).
> 
>  - Ran the changes through the coverity checker...
> 
> John Ferlan (12):
>   qemu: Introduce qemuDomainSecretInfo
>   qemu: Introduce qemuDomainSecretPrepare and Destroy
>   qemu: Introduce qemuDomainHostdevPrivatePtr
>   qemu: Introduce qemuDomainSecretHostdevPrepare and Destroy
>   qemu: Use qemuDomainSecretInfoPtr in qemuBuildNetworkDriveURI
>   qemu: hotplug: Assume support for -device for attach virtio disk
>   qemu: hotplug: Adjust error path for attach scsi disk
>   qemu: hotplug: Adjust error path for attach virtio disk
>   qemu: hotplug: Adjust error path for attach hostdev scsi disk
>   qemu: hotplug: Fix possible memory leak of props
>   qemu: Introduce qemuDomainSecretIV
>   qemu: Utilize qemu secret objects for SCSI/RBD auth/secret
> 
>  configure.ac                                       |   1 +
>  src/conf/domain_conf.c                             |  33 +-
>  src/conf/domain_conf.h                             |   5 +-
>  src/lxc/lxc_native.c                               |   4 +-
>  src/qemu/qemu_alias.c                              |  23 +
>  src/qemu/qemu_alias.h                              |   2 +
>  src/qemu/qemu_command.c                            | 445 ++++++++++++++----
>  src/qemu/qemu_command.h                            |  13 +-
>  src/qemu/qemu_domain.c                             | 516 ++++++++++++++++++++-
>  src/qemu/qemu_domain.h                             |  81 +++-
>  src/qemu/qemu_driver.c                             |  13 +-
>  src/qemu/qemu_hotplug.c                            | 247 +++++-----
>  src/qemu/qemu_hotplug.h                            |   4 +-
>  src/qemu/qemu_parse_command.c                      |   4 +-
>  src/qemu/qemu_process.c                            |  13 +-
>  src/vbox/vbox_common.c                             |   4 +-
>  src/xenconfig/xen_common.c                         |   4 +-
>  src/xenconfig/xen_sxpr.c                           |   4 +-
>  ...uxml2argv-disk-drive-network-iscsi-auth-IV.args |  39 ++
>  ...muxml2argv-disk-drive-network-iscsi-auth-IV.xml |  43 ++
>  ...emuxml2argv-disk-drive-network-rbd-auth-IV.args |  31 ++
>  ...qemuxml2argv-disk-drive-network-rbd-auth-IV.xml |  42 ++
>  ...emuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args |  41 ++
>  ...qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml |  48 ++
>  ...xml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args |  43 ++
>  ...uxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml |  48 ++
>  tests/qemuxml2argvmock.c                           |  31 +-
>  tests/qemuxml2argvtest.c                           |  19 +
>  tests/virhostdevtest.c                             |   3 +-
>  29 files changed, 1557 insertions(+), 247 deletions(-)
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml
> 

After merging with Peter's pushed remove QEMU_CAPS_DEVICE... Patch 6
vanishes and Patch 8 is modified to adjust for the removed !drivealias
check in qemuDomainAttachVirtioDiskDevice error path code.

I pushed the reviewed/ACK'd patches - all but last 2.  I'll split up the
RBD and iSCSI code and repost those later today.

Tks -

John



