File 0701abcb3-qemu-AES-secret-scsi-hotplug.patch of Package libvirt.11509
commit 0701abcb3ba78ba27cf1f47e01b3d9607ad37b72
Author: Gema Gomez <gema.gomez-solano@linaro.org>
Date: Sun Oct 9 16:51:09 2016 +0100
qemu: Add support for using AES secret for SCSI hotplug
Support for virtio disks was added in commit id 'fceeeda', but not for
SCSI drives. Add the secret for the server when hotplugging a SCSI drive.
No need to make any adjustments for unplug since that's handled during
the qemuDomainDetachDiskDevice call to qemuDomainRemoveDiskDevice in
the qemuDomainDetachDeviceDiskLive switch.
Added a test to/for the command line processing to show the command line
options when adding a SCSI drive for the guest.
Index: libvirt-2.0.0/src/qemu/qemu_hotplug.c
===================================================================
--- libvirt-2.0.0.orig/src/qemu/qemu_hotplug.c
+++ libvirt-2.0.0/src/qemu/qemu_hotplug.c
@@ -573,6 +573,11 @@ qemuDomainAttachSCSIDisk(virConnectPtr c
char *devstr = NULL;
int ret = -1;
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
+ qemuDomainDiskPrivatePtr diskPriv;
+ qemuDomainSecretInfoPtr secinfo;
+ virJSONValuePtr secobjProps = NULL;
+ bool secobjAdded = false;
+ int rv;
if (qemuDomainPrepareDisk(driver, vm, disk, NULL, false) < 0)
goto cleanup;
@@ -603,6 +608,13 @@ qemuDomainAttachSCSIDisk(virConnectPtr c
if (qemuDomainSecretDiskPrepare(conn, priv, disk) < 0)
goto error;
+ diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
+ secinfo = diskPriv->secinfo;
+ if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES) {
+ if (qemuBuildSecretInfoProps(secinfo, &secobjProps) < 0)
+ goto error;
+ }
+
if (!(devstr = qemuBuildDriveDevStr(vm->def, disk, 0, priv->qemuCaps)))
goto error;
@@ -615,6 +627,15 @@ qemuDomainAttachSCSIDisk(virConnectPtr c
/* Attach the device - 2 step process */
qemuDomainObjEnterMonitor(driver, vm);
+ if (secobjProps) {
+ rv = qemuMonitorAddObject(priv->mon, "secret", secinfo->s.aes.alias,
+ secobjProps);
+ secobjProps = NULL; /* qemuMonitorAddObject consumes */
+ if (rv < 0)
+ goto failadddrive;
+ secobjAdded = true;
+ }
+
if (qemuMonitorAddDrive(priv->mon, drivestr) < 0)
goto failadddrive;
@@ -630,6 +651,7 @@ qemuDomainAttachSCSIDisk(virConnectPtr c
ret = 0;
cleanup:
+ virJSONValueFree(secobjProps);
qemuDomainSecretDiskDestroy(disk);
VIR_FREE(devstr);
VIR_FREE(drivestr);
@@ -641,6 +663,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr c
VIR_WARN("qemuMonitorAddDevice failed on %s (%s)", drivestr, devstr);
failadddrive:
+ if (secobjAdded)
+ ignore_value(qemuMonitorDelObject(priv->mon, secinfo->s.aes.alias));
ignore_value(qemuDomainObjExitMonitor(driver, vm));
failexitmonitor:
Index: libvirt-2.0.0/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
===================================================================
--- libvirt-2.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
+++ libvirt-2.0.0/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
@@ -18,6 +18,7 @@ file=/tmp/lib/domain--1-QEMUGuest1/maste
-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \
-no-acpi \
-boot c \
+-device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x3 \
-usb \
-drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \
-device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
@@ -27,5 +28,14 @@ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0O
-drive 'file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\
mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:6322,\
file.password-secret=virtio-disk0-secret0,format=raw,if=none,id=drive-virtio-disk0' \
--device virtio-blk-pci,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,\
-id=virtio-disk0
+-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
+id=virtio-disk0 \
+-object secret,id=scsi0-0-0-0-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive 'file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\
+mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:\
+6322,file.password-secret=scsi0-0-0-0-secret0,format=raw,if=none,\
+id=drive-scsi0-0-0-0,cache=none' \
+-device scsi-disk,bus=scsi0.0,channel=0,scsi-id=0,lun=0,\
+drive=drive-scsi0-0-0-0,id=scsi0-0-0-0
Index: libvirt-2.0.0/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
===================================================================
--- libvirt-2.0.0.orig/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
+++ libvirt-2.0.0/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
@@ -32,7 +32,20 @@
</source>
<target dev='vda' bus='virtio'/>
</disk>
+ <disk type='network' device='disk'>
+ <driver name='qemu' type='raw' cache='none'/>
+ <auth username='myname'>
+ <secret type='ceph' usage='mycluster_myname'/>
+ </auth>
+ <source protocol='rbd' name='pool/image'>
+ <host name='mon1.example.org' port='6321'/>
+ <host name='mon2.example.org' port='6322'/>
+ <host name='mon3.example.org' port='6322'/>
+ </source>
+ <target bus='scsi' dev='sda'/>
+ </disk>
<controller type='usb' index='0'/>
+ <controller type='scsi' index='0' model='virtio-scsi'/>
<controller type='ide' index='0'/>
<controller type='pci' index='0' model='pci-root'/>
<input type='mouse' bus='ps2'/>
Index: libvirt-2.0.0/tests/qemuxml2argvtest.c
===================================================================
--- libvirt-2.0.0.orig/tests/qemuxml2argvtest.c
+++ libvirt-2.0.0/tests/qemuxml2argvtest.c
@@ -796,7 +796,7 @@ mymain(void)
DO_TEST("disk-drive-network-rbd-auth", NONE);
# ifdef HAVE_GNUTLS_CIPHER_ENCRYPT
DO_TEST("disk-drive-network-rbd-auth-AES",
- QEMU_CAPS_OBJECT_SECRET);
+ QEMU_CAPS_OBJECT_SECRET, QEMU_CAPS_VIRTIO_SCSI);
# endif
DO_TEST("disk-drive-network-rbd-ipv6", NONE);
DO_TEST_FAILURE("disk-drive-network-rbd-no-colon", NONE);
