2012-04-20 05:40:24 +04:00
|
|
|
check-qdict
|
|
|
|
check-qfloat
|
|
|
|
check-qint
|
|
|
|
check-qjson
|
|
|
|
check-qlist
|
|
|
|
check-qstring
|
2014-01-27 12:26:21 +04:00
|
|
|
check-qom-interface
|
qom: Add object_new_with_props() / object_new_withpropv() helpers
It is reasonably common to want to create an object, set a
number of properties, register it in the hierarchy and then
mark it as complete (if a user creatable type). This requires
quite a lot of error prone, verbose, boilerplate code to achieve.
First a pair of functions object_set_props() / object_set_propv()
are added which allow for a list of objects to be set in
one single API call.
Then object_new_with_props() / object_new_with_propv() constructors
are added which simplify the sequence of calls to create an
object, populate properties, register in the object composition
tree and mark the object complete, into a single method call.
Usage would be:
Error *err = NULL;
Object *obj;
obj = object_new_with_propv(TYPE_MEMORY_BACKEND_FILE,
object_get_objects_root(),
"hostmem0",
&err,
"share", "yes",
"mem-path", "/dev/shm/somefile",
"prealloc", "yes",
"size", "1048576",
NULL);
Note all property values are passed in string form and will
be parsed into their required data types, using normal QOM
semantics for parsing from string format.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-05-13 19:14:06 +03:00
|
|
|
check-qom-proplist
|
2015-02-27 18:21:22 +03:00
|
|
|
rcutorture
|
2013-02-21 06:34:40 +04:00
|
|
|
test-aio
|
2015-11-23 18:24:50 +03:00
|
|
|
test-base64
|
2013-09-24 11:43:40 +04:00
|
|
|
test-bitops
|
2015-11-13 06:47:03 +03:00
|
|
|
test-blockjob-txn
|
2014-04-12 02:23:01 +04:00
|
|
|
test-coroutine
|
2015-07-01 20:10:32 +03:00
|
|
|
test-crypto-cipher
|
2015-07-01 20:10:29 +03:00
|
|
|
test-crypto-hash
|
2015-10-15 14:35:28 +03:00
|
|
|
test-crypto-ivgen
|
2015-10-14 15:14:04 +03:00
|
|
|
test-crypto-pbkdf
|
crypto: add QCryptoSecret object class for password/key handling
Introduce a new QCryptoSecret object class which will be used
for providing passwords and keys to other objects which need
sensitive credentials.
The new object can provide secret values directly as properties,
or indirectly via a file. The latter includes support for file
descriptor passing syntax on UNIX platforms. Ordinarily passing
secret values directly as properties is insecure, since they
are visible in process listings, or in log files showing the
CLI args / QMP commands. It is possible to use AES-256-CBC to
encrypt the secret values though, in which case all that is
visible is the ciphertext. For ad hoc developer testing though,
it is fine to provide the secrets directly without encryption
so this is not explicitly forbidden.
The anticipated scenario is that libvirtd will create a random
master key per QEMU instance (eg /var/run/libvirt/qemu/$VMNAME.key)
and will use that key to encrypt all passwords it provides to
QEMU via '-object secret,....'. This avoids the need for libvirt
(or other mgmt apps) to worry about file descriptor passing.
It also makes life easier for people who are scripting the
management of QEMU, for whom FD passing is significantly more
complex.
Providing data inline (insecure, only for ad hoc dev testing)
$QEMU -object secret,id=sec0,data=letmein
Providing data indirectly in raw format
printf "letmein" > mypasswd.txt
$QEMU -object secret,id=sec0,file=mypasswd.txt
Providing data indirectly in base64 format
$QEMU -object secret,id=sec0,file=mykey.b64,format=base64
Providing data with encryption
$QEMU -object secret,id=master0,file=mykey.b64,format=base64 \
-object secret,id=sec0,data=[base64 ciphertext],\
keyid=master0,iv=[base64 IV],format=base64
Note that 'format' here refers to the format of the ciphertext
data. The decrypted data must always be in raw byte format.
More examples are shown in the updated docs.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-10-14 11:58:38 +03:00
|
|
|
test-crypto-secret
|
2015-04-13 16:01:39 +03:00
|
|
|
test-crypto-tlscredsx509
|
|
|
|
test-crypto-tlscredsx509-work/
|
|
|
|
test-crypto-tlscredsx509-certs/
|
2015-03-02 20:23:31 +03:00
|
|
|
test-crypto-tlssession
|
|
|
|
test-crypto-tlssession-work/
|
|
|
|
test-crypto-tlssession-client/
|
|
|
|
test-crypto-tlssession-server/
|
2013-02-21 06:34:40 +04:00
|
|
|
test-cutils
|
|
|
|
test-hbitmap
|
2013-09-24 11:43:40 +04:00
|
|
|
test-int128
|
2013-02-21 06:34:40 +04:00
|
|
|
test-iov
|
2015-09-15 19:27:33 +03:00
|
|
|
test-io-channel-buffer
|
2015-08-27 18:25:30 +03:00
|
|
|
test-io-channel-command
|
|
|
|
test-io-channel-command.fifo
|
2015-02-27 21:25:25 +03:00
|
|
|
test-io-channel-file
|
|
|
|
test-io-channel-file.txt
|
2015-02-27 19:19:33 +03:00
|
|
|
test-io-channel-socket
|
2015-03-02 21:13:13 +03:00
|
|
|
test-io-channel-tls
|
2015-03-18 20:25:45 +03:00
|
|
|
test-io-task
|
2013-02-21 06:34:40 +04:00
|
|
|
test-mul64
|
2014-04-12 02:23:01 +04:00
|
|
|
test-opts-visitor
|
2014-09-26 19:20:32 +04:00
|
|
|
test-qapi-event.[ch]
|
2012-04-20 05:40:24 +04:00
|
|
|
test-qapi-types.[ch]
|
|
|
|
test-qapi-visit.[ch]
|
2013-07-11 00:08:40 +04:00
|
|
|
test-qdev-global-props
|
2014-09-26 19:20:32 +04:00
|
|
|
test-qemu-opts
|
2015-10-20 22:41:33 +03:00
|
|
|
test-qga
|
2012-04-20 05:40:24 +04:00
|
|
|
test-qmp-commands
|
2014-04-12 02:23:01 +04:00
|
|
|
test-qmp-commands.h
|
2014-09-26 19:20:32 +04:00
|
|
|
test-qmp-event
|
2012-04-20 05:40:24 +04:00
|
|
|
test-qmp-input-strict
|
2014-04-12 02:23:01 +04:00
|
|
|
test-qmp-input-visitor
|
qapi: New QMP command query-qmp-schema for QMP introspection
qapi/introspect.json defines the introspection schema. It's designed
for QMP introspection, but should do for similar uses, such as QGA.
The introspection schema does not reflect all the rules and
restrictions that apply to QAPI schemata. A valid QAPI schema has an
introspection value conforming to the introspection schema, but the
converse is not true.
Introspection lowers away a number of schema details, and makes
implicit things explicit:
* The built-in types are declared with their JSON type.
All integer types are mapped to 'int', because how many bits we use
internally is an implementation detail. It could be pressed into
external interface service as very approximate range information,
but that's a bad idea. If we need range information, we better do
it properly.
* Implicit type definitions are made explicit, and given
auto-generated names:
- Array types, named by appending "List" to the name of their
element type, like in generated C.
- The enumeration types implicitly defined by simple union types,
named by appending "Kind" to the name of their simple union type,
like in generated C.
- Types that don't occur in generated C. Their names start with ':'
so they don't clash with the user's names.
* All type references are by name.
* The struct and union types are generalized into an object type.
* Base types are flattened.
* Commands take a single argument and return a single result.
Dictionary argument or list result is an implicit type definition.
The empty object type is used when a command takes no arguments or
produces no results.
The argument is always of object type, but the introspection schema
doesn't reflect that.
The 'gen': false directive is omitted as implementation detail.
The 'success-response' directive is omitted as well for now, even
though it's not an implementation detail, because it's not used by
QMP.
* Events carry a single data value.
Implicit type definition and empty object type use, just like for
commands.
The value is of object type, but the introspection schema doesn't
reflect that.
* Types not used by commands or events are omitted.
Indirect use counts as use.
* Optional members have a default, which can only be null right now
Instead of a mandatory "optional" flag, we have an optional default.
No default means mandatory, default null means optional without
default value. Non-null is available for optional with default
(possible future extension).
* Clients should *not* look up types by name, because type names are
not ABI. Look up the command or event you're interested in, then
follow the references.
TODO Should we hide the type names to eliminate the temptation?
New generator scripts/qapi-introspect.py computes an introspection
value for its input, and generates a C variable holding it.
It can generate awfully long lines. Marked TODO.
A new test-qmp-input-visitor test case feeds its result for both
tests/qapi-schema/qapi-schema-test.json and qapi-schema.json to a
QmpInputVisitor to verify it actually conforms to the schema.
New QMP command query-qmp-schema takes its return value from that
variable. Its reply is some 85KiBytes for me right now.
If this turns out to be too much, we have a couple of options:
* We can use shorter names in the JSON. Not the QMP style.
* Optionally return the sub-schema for commands and events given as
arguments.
Right now qmp_query_schema() sends the string literal computed by
qmp-introspect.py. To compute sub-schema at run time, we'd have to
duplicate parts of qapi-introspect.py in C. Unattractive.
* Let clients cache the output of query-qmp-schema.
It changes only on QEMU upgrades, i.e. rarely. Provide a command
query-qmp-schema-hash. Clients can have a cache indexed by hash,
and re-query the schema only when they don't have it cached. Even
simpler: put the hash in the QMP greeting.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2015-09-16 14:06:28 +03:00
|
|
|
test-qmp-introspect.[ch]
|
2012-04-20 05:40:24 +04:00
|
|
|
test-qmp-marshal.c
|
2014-04-12 02:23:01 +04:00
|
|
|
test-qmp-output-visitor
|
2015-02-27 18:21:22 +03:00
|
|
|
test-rcu-list
|
2014-04-12 02:23:02 +04:00
|
|
|
test-rfifolock
|
2014-04-12 02:23:01 +04:00
|
|
|
test-string-input-visitor
|
|
|
|
test-string-output-visitor
|
2013-02-21 06:34:40 +04:00
|
|
|
test-thread-pool
|
2014-04-12 02:23:01 +04:00
|
|
|
test-throttle
|
2015-11-13 06:47:03 +03:00
|
|
|
test-timed-average
|
2014-04-12 02:23:01 +04:00
|
|
|
test-visitor-serialization
|
2013-11-28 18:01:18 +04:00
|
|
|
test-vmstate
|
2015-02-27 18:21:22 +03:00
|
|
|
test-write-threshold
|
2013-01-23 21:58:27 +04:00
|
|
|
test-x86-cpuid
|
2013-02-21 06:34:40 +04:00
|
|
|
test-xbzrle
|
2015-10-07 06:52:22 +03:00
|
|
|
test-netfilter
|
2012-04-20 05:40:24 +04:00
|
|
|
*-test
|
2013-09-24 11:43:39 +04:00
|
|
|
qapi-schema/*.test.*
|