Commit Graph

1876 Commits

Author SHA1 Message Date
Daniel P. Berrange
9894dc0cdc char: convert from GIOChannel to QIOChannel
In preparation for introducing TLS support to the TCP chardev
backend, convert existing chardev code from using GIOChannel
to QIOChannel. This simplifies the chardev code by removing
most of the OS platform conditional code for dealing with
file descriptor passing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1453202071-10289-3-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-01-26 15:58:11 +01:00
Daniel P. Berrange
7746abd8e9 qom: Change object property iterator API contract
Currently the ObjectProperty iterator API works as follows:

  ObjectPropertyIterator *iter;

  iter = object_property_iter_init(obj);
  while ((prop = object_property_iter_next(iter))) {
     ...
  }
  object_property_iter_free(iter);

This has the benefit that the ObjectPropertyIterator struct
can be opaque, but has the downside that callers need to
explicitly call a free function. It is also not in keeping
with iterator style used elsewhere in QEMU/GLib2.

This patch changes the API to use stack allocation instead:

  ObjectPropertyIterator iter;

  object_property_iter_init(&iter, obj);
  while ((prop = object_property_iter_next(&iter))) {
     ...
  }

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[AF: Fused ObjectPropertyIterator struct with typedef]
Signed-off-by: Andreas Färber <afaerber@suse.de>
2016-01-18 17:47:58 +01:00
Daniel P. Berrange
16bf7f522a qom: Allow properties to be registered against classes
When there are many instances of a given class, registering
properties against the instance is wasteful of resources. The
majority of objects have a statically defined list of possible
properties, so most of the properties are easily registerable
against the class. Only those properties which are conditionally
registered at runtime need be recorded against the klass.

Registering properties against classes also makes it possible
to provide static introspection of QOM - currently introspection
is only possible after creating an instance of a class, which
severely limits its usefulness.

This impl only supports simple scalar properties. It does not
attempt to allow child object / link object properties against
the class. There are ways to support those too, but it would
make this patch more complicated, so it is left as an exercise
for the future.

There is no equivalent to object_property_del() provided, since
classes must be immutable once they are defined.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2016-01-18 17:47:58 +01:00
Fam Zheng
798bfe0006 nbd: Split nbd.c
We have NBD server code and client code, all mixed in a file. Now split
them into separate files under nbd/, and update MAINTAINERS.

filter_nbd for iotest 083 is updated to keep the log filtered out.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <1452760863-25350-3-git-send-email-famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-01-15 18:58:02 +01:00
Markus Armbruster
533fdaedeb error: Consistently name Error * objects err, and not errp
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1450452927-8346-25-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2016-01-13 15:16:19 +01:00
Markus Armbruster
bf89e87427 vhdx: Fix "log that needs to be replayed" error message
The arguments of error_setg_errno() should yield a short error string
without newlines.

Here, we try to append additional help to the error message by
embedding newlines in the error string.  That's nice, but it's doesn't
play nicely with the errno part.  tests/qemu-iotests/070.out shows the
resulting mess:

    can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log that needs to be replayed.  To replay the log, execute:
     qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx': Operation not permitted

Switch to error_setg() and error_append_hint().  Result:

    can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log that needs to be replayed
    To replay the log, run:
    qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx'

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1450452927-8346-21-git-send-email-armbru@redhat.com>
2016-01-13 15:16:18 +01:00
Markus Armbruster
d28d737fb9 vmdk: Clean up "Invalid extent lines" error message
vmdk_parse_extents() reports parse errors like this:

    error_setg(errp, "Invalid extent lines:\n%s", p);

where p points to the beginning of the malformed line in the image
descriptor.  This results in a multi-line error message

    Invalid extent lines:
    <first line that doesn't parse>
    <remaining text that may or may not parse, if any>

Error messages should not have newlines embedded.  Since the remaining
text is not helpful, we can simply report:

    Invalid extent line: <first line that doesn't parse>

Cc: Fam Zheng <famz@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1450452927-8346-19-git-send-email-armbru@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
2016-01-13 15:16:18 +01:00
Markus Armbruster
b988468149 qemu-io qemu-nbd: Use error_report() etc. instead of fprintf()
Just three instances left.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1450452927-8346-16-git-send-email-armbru@redhat.com>
2016-01-13 15:16:18 +01:00
Markus Armbruster
c29b77f955 error: Use error_reportf_err() where it makes obvious sense
Done with this Coccinelle semantic patch

    @@
    expression FMT, E, S;
    expression list ARGS;
    @@
    -    error_report(FMT, ARGS, error_get_pretty(E));
    +    error_reportf_err(E, FMT/*@@@*/, ARGS);
    (
    -    error_free(E);
    |
	 exit(S);
    |
	 abort();
    )

followed by a replace of '%s"/*@@@*/' by '"' and some line rewrapping,
because I can't figure out how to make Coccinelle transform strings.

We now use the error whole instead of just its message obtained with
error_get_pretty().  This avoids suppressing its hint (see commit
50b7b00), but I can't see how the errors touched in this commit could
come with hints.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <1450452927-8346-12-git-send-email-armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2016-01-13 15:16:17 +01:00
Markus Armbruster
8aa802a6b7 error: Don't decorate original error message when adding to it
Prepend the additional information, colon, space to the original
message without enclosing it in parenthesis or quotes, like we do
elsewhere.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1450452927-8346-11-git-send-email-armbru@redhat.com>
2016-01-13 15:16:17 +01:00
Markus Armbruster
73eaa04777 test-throttle: Simplify qemu_init_main_loop() error handling
The code looks like it tries to check for both qemu_init_main_loop()
and qemu_get_aio_context() failure in one conditional.  In fact,
qemu_get_aio_context() can fail only after qemu_init_main_loop()
failed.

Simplify accordingly: check for qemu_init_main_loop() error directly,
without bothering to improve its error message.  Call
qemu_get_aio_context() only when qemu_get_aio_context() succeeded.  It
can't fail then, so no need to check.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1450452927-8346-9-git-send-email-armbru@redhat.com>
2016-01-13 15:16:17 +01:00
John Snow
c5620e658e libqos/ahci: organize header
Organize the prototypes into nice little sections.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-10-git-send-email-jsnow@redhat.com
2016-01-11 14:10:44 -05:00
John Snow
e8109694c7 qtest/ahci: ATAPI data tests
Simple I/O tests for DMA and PIO pathways in the AHCI HBA.

I believe at this point in time all of the common, major IO pathways
in BMDMA and AHCI are covered by qtests now.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-9-git-send-email-jsnow@redhat.com
2016-01-11 14:10:43 -05:00
John Snow
9350df7cea libqos/ahci: add ahci_exec
add ahci_exec, which is a standard purpose flexible command dispatcher
and tester for the AHCI device. The intent is to eventually cut down on
the absurd amount of boilerplate inside of the AHCI qtest.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-8-git-send-email-jsnow@redhat.com
2016-01-11 14:10:43 -05:00
John Snow
b682d3a7cf libqos/ahci: allow nondata commands for ahci_io variants
These variants try to set a data offset, even if you don't specify one.
In the cases where the offset is zero and it's a nondata command, just
ignore the instruction.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-7-git-send-email-jsnow@redhat.com
2016-01-11 14:10:43 -05:00
John Snow
b1b66c3b5e libqos: allow zero-size allocations
As part of streamlining the AHCI tests interface, it'd be nice
if specying a size of zero could be handled without special branches
and the allocator could handle this special case gracefully.

This lets me use the "ahci_io" macros for non-data commands, too,
which moves me forward towards shepherding all AHCI qtests into
a common set of commands in a unified pipeline.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-6-git-send-email-jsnow@redhat.com
2016-01-11 14:10:43 -05:00
John Snow
b88641e236 libqos/ahci: Switch to mutable properties
ATAPI commands are, unfortunately, weird in that they can
be either DMA or PIO depending on a header bit. In order to
accommodate them, I'll need to make AHCI command properties
mutable so we can toggle between which "flavor" of ATAPI command
we want to test.

The default ATAPI transfer mechanism is PIO and the default
properties are adjusted accordingly.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-5-git-send-email-jsnow@redhat.com
2016-01-11 14:10:43 -05:00
John Snow
d0b282a58c libqos/ahci: ATAPI identify
We need to say "hello!" to our ATAPI friends
in a slightly different manner.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-4-git-send-email-jsnow@redhat.com
2016-01-11 14:10:42 -05:00
John Snow
54d268b26a libqos/ahci: ATAPI support
Add pathways to tolerate ATAPI commands.

Notably, unlike ATA, each SCSI command's layout is a little different,
so support will have to be patched in for each command as we want to
test them in e.g. ahci_command_set_sizes and ahci_command_set_offset.

For now, I'm adding support for 0x28, READ (10).

[Maintainer edit: replaced type-punning with stl_be_p(). --js]

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-3-git-send-email-jsnow@redhat.com
2016-01-11 14:10:42 -05:00
John Snow
248de4a899 ahci-test: fix memory leak
Use the proper free command to detroy an AHCICommand.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1452282920-21550-2-git-send-email-jsnow@redhat.com
2016-01-11 14:10:42 -05:00
Igor Mammedov
7cb08cb2d7 tests: acpi: print ASL diff in verbose mode
print ASL difference if there is any when
executing 'make V=1 check'.
Use 'DIFF' environment variable to determine
which diff utility to use and if it's not set
notify user by printing warning that DIFF is
not set if run in verbose mode and there is
difference in ASL.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-01-08 16:01:37 +02:00
Fam Zheng
94ca2c7395 iotests: Add test cases for blockdev-mirror
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450932306-13717-6-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:18 +01:00
Bo Tu
dd87de06fa qemu-iotests: s390x: fix test 051
Replace the remaining "-drive file..."
by "-drive file=...,if=none,id=$device_id", then x86 and s390x
can get the common output.
"if=ide, if=floppy, if=scsi" are not supported by s390x,
so these test cases are not executed for s390x platform.

Signed-off-by: Bo Tu <tubo@linux.vnet.ibm.com>
Message-id: 1451885360-20236-2-git-send-email-tubo@linux.vnet.ibm.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
f943078e42 iotests: 095: Filter _img_info output
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1450752561-9300-12-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
61b422265e iotests: 095: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1450752561-9300-11-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
ae7e0bf461 iotests: 050: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-10-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
1b935e1dc9 iotests: 038: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-9-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
9b652fbe1d iotests: 037: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-8-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
5581018400 iotests: 034: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-7-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
49557d656c iotests: 028: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-6-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
f19f11896e iotests: 024: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-5-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
71ad761766 iotests: 020: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-4-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
f2bbcd3f7f iotests: 019: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-3-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Fam Zheng
9b337ae90a iotests: 018: Use TEST_IMG override instead of "mv"
Signed-off-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450752561-9300-2-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:17 +01:00
Paolo Bonzini
7467d94cc4 qemu-iotests: make check-block.sh work on out-of-tree builds
Since check-block.sh, the "check" script has learnt to find the source
path.  On the other hand, it expects common.env to be in the build tree
(both changes made in commit 76c7560, "configure: Enable out-of-tree
iotests", 2014-05-24).  So, it is wrong to invoke "check" from the source
path like check-block.sh does.  Fix it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1450867341-11100-1-git-send-email-pbonzini@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:16 +01:00
Fam Zheng
253597d8cf iotests: 086: Add raw format
Raw is as qualified as qcow2 for this test case, add it for more
coverage.

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1450851979-15580-1-git-send-email-famz@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07 21:30:16 +01:00
Peter Maydell
38a762fec6 Merge misc crypto changes & fixes
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJWeoF6AAoJEL6G67QVEE/ff7MP/jcF8c21q28DLPvHFTQdLCDS
 HsrJhUXlPBQk6knQrZQpb5PU8/s2NeyJdglzxFI7LaOlTAjlUh+bZIoU7Y9iGht9
 HOKAgUX1eApkMfhpV+pzPXIrF3b7TCiWWOKsWW8SkqSnIYgigBM+8xA0XspduWvQ
 cSklbwvhs3duawrg8lVnRJQgbrVtDVFKrzBiUCke6qSrKqO/2iuLrpZMiv6b5uTQ
 tWzBb2gT/BDcZHRF6Br6DApBe1uqkL/oXmo5DtM/ouwPjuTHMnx8gYFgyIz1vbQN
 Ti0FrKtwrr8aK5hSnNbNcizKdst7Txw7jV5PiIDdTKV5CvYza4zdeppXXa0rSIyI
 ByThHzeR5J11hDiIAZ72/yHo9gIifOLqKZtQsCrRB8niyQ93rr85UWA2JWdLqRXs
 gbbLRK3UXwSZVWmdAlrFIZUxBUdTnc/qcLIU0cgnffC7ozZbwyjt3dnIUM6WmlxW
 DjY7Z5wcFbbnYsufwBZgZUhWbTj3AdAaiIdBuY33GqqtVs59nICBrtSCYmP1j4+u
 fDv4QlElETC5hGH9ZPeo08yGrgRA6hGlopnnKSzlfmeb62UU2aYcTW6fNP9OkZI2
 HHyGa4XeaeYzYhYbbtRngSI9QjJVf5qzFq2rSFuZcf/9t0n1dztFd36DLca6sW4x
 fMahe7XiEmKqBBAwFaAr
 =fHY5
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/pull-crypto-fixes-2015-12-23-1' into staging

Merge misc crypto changes & fixes

# gpg: Signature made Wed 23 Dec 2015 11:11:54 GMT using RSA key ID 15104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"

* remotes/berrange/tags/pull-crypto-fixes-2015-12-23-1:
  crypto: fix transposed arguments in cipher error message
  crypto: ensure qapi/crypto.json is listed in qapi-modules
  crypto: move QCryptoCipherAlgorithm/Mode enum definitions into QAPI
  crypto: move QCryptoHashAlgorithm enum definition into QAPI
  crypto: add ability to query hash digest len
  crypto: add additional query accessors for cipher instances

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-23 13:53:32 +00:00
Peter Maydell
e833dfddb4 Merge misc I/O channel fixes
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJWen18AAoJEL6G67QVEE/f6TAP/0urpBEzBoYEfqtO+z/CFAyS
 Z5LvXVwDROxV7r42uuO6r6WNpXm2azdm4nMmFEShR70K7HB1T85aEGhSBS20xcFn
 1zSjtutsNWozXYsmJ/rk5aI11E4Pgn2ElZEsom4VwqKJc6ILHDeiQ+jg/5Ky3TFj
 guEfB3Xyk11uIsxAcL1eomiXxpOfCaakbTPp5LQ9dUhYLeTig8uZ58BUWbc/1ADc
 hA+r7b+f9P2D34yocNMvfFfp4Ddy03uKueF2JNkwTVN9/1Ee5dHVu1xzS5uwUm8C
 IeGCx3Rh9f9ZN51qYeL2bCbhqOP/fdXWzCXfPDNVdTPfc7h4/Cl6bGkOs52oJ81x
 iHxvDY6Jco8fnL3T905RJ4k78eC97EOz9wOnUQEcFFxcwp6xgXYz0WRjlvCudB4S
 EiV7fqF0+jgX8AGYHHKIBT22D9Tp9L7x66f8eMNcyK79GHmc0nbSBT5KpVobFilg
 +h9Ws2TbUhRMAp155muX2bwPTHBucHxU5ktESY71ddWJmL53f01q2WWJFLzwWeVs
 w+QKmlY3dtvzpAPjFyDAvTX0o2YgbjZOG9iMhyNDZuQCo1x38gY8fRyl1+7uPjm6
 hmhtKUp9VbXBkwFV3n56tCNDY9Azr1pdxqiPg7fuukTcaHSnu2CHMF2A844oat4G
 O1ftlHgL2yR7eqty70Wm
 =JkVB
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/pull-io-fixes-2015-12-23-1' into staging

Merge misc I/O channel fixes

# gpg: Signature made Wed 23 Dec 2015 10:54:52 GMT using RSA key ID 15104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"

* remotes/berrange/tags/pull-io-fixes-2015-12-23-1:
  io: fix stack allocation when sending of file descriptors
  io: fix setting of QIO_CHANNEL_FEATURE_FD_PASS on server connections
  io: bind to loopback IP addrs in test suite

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-23 12:55:55 +00:00
Daniel P. Berrange
7b36064c90 crypto: add ability to query hash digest len
Add a qcrypto_hash_digest_len() method which allows querying of
the raw digest size for a given hash algorithm.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-23 11:02:20 +00:00
Daniel P. Berrange
dd2bf9eb95 crypto: add additional query accessors for cipher instances
Adds new methods to allow querying the length of the cipher
key, block size and initialization vectors.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-23 11:02:20 +00:00
Daniel P. Berrange
7b3c618ad0 io: fix stack allocation when sending of file descriptors
When sending file descriptors over a socket, we have to
allocate a data buffer to hold the FDs in the scmsghdr.
Unfortunately we allocated the buffer on the stack inside
an if () {} block, but called sendmsg() outside the block.
So the stack bytes holding the FDs were liable to be
overwritten with other data. By luck this was not a problem
when sending 1 FD, but if sending 2 or more then it would
fail.

The fix is to simply move the variables outside the nested
'if' block. To keep valgrind quiet we also zero-initialize
the 'control' buffer.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-23 10:53:03 +00:00
Daniel P. Berrange
bead59946a io: fix setting of QIO_CHANNEL_FEATURE_FD_PASS on server connections
The QIO_CHANNEL_FEATURE_FD_PASS feature flag is set in the
qio_channel_socket_set_fd() method, however, this only deals
with client side connections.

To ensure server side connections also have the feature flag
set, we must set it in qio_channel_socket_accept() too. This
also highlighted a typo fix where the code updated the
sockaddr struct in the wrong object instance.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-22 18:19:32 +00:00
Daniel P. Berrange
e4d2edc9d0 io: bind to loopback IP addrs in test suite
The test suite currently binds to 0.0.0.0 or ::, which covers
all interfaces of the machine. It is bad practice for test
suite to open publically accessible ports on a machine, so
switch to use loopback addrs 127.0.0.1 or ::1.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-22 18:19:08 +00:00
Corey Minyard
24f976d30a ipmi: Add tests
Test the KCS interface with a local BMC and a BT interface with an
external BMC.

Signed-off-by: Corey Minyard <cminyard@mvista.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-22 18:39:19 +02:00
Peter Maydell
c688084506 Merge QCryptoSecret object support
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJWdDmJAAoJEL6G67QVEE/fJ4EP+gNC4ErBDpbg+I4RhLHv/FsF
 i2iEYkmBfFzUmiB8iSFlJY12XJ/CPnbrWks0WNHIoarUgtGuvfqH91KGkERxJQFE
 TkD65EOhNHWlP1zaI5r5ZMizhOdO6EPa0pbS/QH/UCy5qwu5IbG5EesOw00d7nL8
 5gT39ehXAFljutRygWsa1JyOkDB04WNehVsly/l2t9v16aQUDJOC5mWVuoInrDEo
 ye1VG2Cx7Y1/FRo3fFCDwzYD+8jgxIBAu8Igwjk/95VbfBVl769PBAilQRc5zMHt
 //eMNdul6GooVKmu/K1JWkmjIZJFUiboEMgPJElWV1y8bWmhh++4J6EVb55owoDk
 VRv84cqiaYErVb+56gaImr92GSKezll0APWz6YlDsFZgPClCPnUjDSr39+23t1h4
 LprirtbkAjw73T92kuQ7kzbXElWm7rSfcx5u1/S6YPP+EDzZpW9+h62lKGGnuS2M
 bzwFOOmWHe1MhbRSh+BOzGBf1wWhMSCKgLAOmPuRQ8slS91vfE66bIlqpIKBGgfn
 42t0wZCEW8bqIe8xry5pC5UoDfm3cVDhgGHGyMLWWDMez0qDchaAkWNkIDtc8Juv
 a1WqE/0lP/sVb36yLVANvt1/Qvpg6M3JwMbTjVaJl2eTDDtwho4PK+Chxx0a8BGl
 Z6oGj1rmvCDD2Dsi/EXI
 =g+9G
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/pull-qcrypto-secrets-base-2015-12-18-1' into staging

Merge QCryptoSecret object support

# gpg: Signature made Fri 18 Dec 2015 16:51:21 GMT using RSA key ID 15104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"

* remotes/berrange/tags/pull-qcrypto-secrets-base-2015-12-18-1:
  crypto: add support for loading encrypted x509 keys
  crypto: add QCryptoSecret object class for password/key handling
  qga: convert to use error checked base64 decode
  qemu-char: convert to use error checked base64 decode
  util: add base64 decoding function

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-18 17:04:15 +00:00
Daniel P. Berrange
ac1d887849 crypto: add QCryptoSecret object class for password/key handling
Introduce a new QCryptoSecret object class which will be used
for providing passwords and keys to other objects which need
sensitive credentials.

The new object can provide secret values directly as properties,
or indirectly via a file. The latter includes support for file
descriptor passing syntax on UNIX platforms. Ordinarily passing
secret values directly as properties is insecure, since they
are visible in process listings, or in log files showing the
CLI args / QMP commands. It is possible to use AES-256-CBC to
encrypt the secret values though, in which case all that is
visible is the ciphertext.  For ad hoc developer testing though,
it is fine to provide the secrets directly without encryption
so this is not explicitly forbidden.

The anticipated scenario is that libvirtd will create a random
master key per QEMU instance (eg /var/run/libvirt/qemu/$VMNAME.key)
and will use that key to encrypt all passwords it provides to
QEMU via '-object secret,....'.  This avoids the need for libvirt
(or other mgmt apps) to worry about file descriptor passing.

It also makes life easier for people who are scripting the
management of QEMU, for whom FD passing is significantly more
complex.

Providing data inline (insecure, only for ad hoc dev testing)

  $QEMU -object secret,id=sec0,data=letmein

Providing data indirectly in raw format

  printf "letmein" > mypasswd.txt
  $QEMU -object secret,id=sec0,file=mypasswd.txt

Providing data indirectly in base64 format

  $QEMU -object secret,id=sec0,file=mykey.b64,format=base64

Providing data with encryption

  $QEMU -object secret,id=master0,file=mykey.b64,format=base64 \
        -object secret,id=sec0,data=[base64 ciphertext],\
	           keyid=master0,iv=[base64 IV],format=base64

Note that 'format' here refers to the format of the ciphertext
data. The decrypted data must always be in raw byte format.

More examples are shown in the updated docs.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18 16:25:08 +00:00
Daniel P. Berrange
89bc0b6cae util: add base64 decoding function
The standard glib provided g_base64_decode doesn't provide any
kind of sensible error checking on its input. Add a QEMU custom
wrapper qbase64_decode which can be used with untrustworthy
input that can contain invalid base64 characters, embedded
NUL characters, or not be NUL terminated at all.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18 16:25:08 +00:00
John Snow
a5002d5302 block/qapi: allow best-effort query
For more complex BDS trees that can be created under normal circumstances,
we lose the ability to issue query commands because of our inability to
re-construct the absolute filename.

Instead, omit this field when it is a problem and present as much information
as we can.

This will change the expected output in iotest 110, where we will now see a
json filename and the lack of an absolute filename instead of an error.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-id: 1450122916-4706-6-git-send-email-jsnow@redhat.com
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18 14:36:17 +01:00
John Snow
12dcb1c018 block/qapi: always report full_backing_filename
Always report full_backing_filename, even if it's the same as
backing_filename. In the next patch, full_backing_filename may be
omitted if it cannot be generated instead of allowing e.g. drive_query
to abort if it runs into this scenario.

The presence or absence of the "full" field becomes useful information.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: 1450122916-4706-3-git-send-email-jsnow@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18 14:36:17 +01:00
Bo Tu
a41aa71c15 qemu-iotests: s390x: fix test 068
Now, s390-virtio-ccw is default machine and s390-ccw.img is default boot
loader. If the s390-virtio-ccw machine finds no device to load from and
errors out, then emits a panic and exits the vm. This breaks test cases
068 for s390x.
Adding the parameter of "-no-shutdown" for s390-ccw-virtio will pause VM
before shutdown.

Acked-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Signed-off-by: Bo Tu <tubo@linux.vnet.ibm.com>
Message-id: 1449136891-26850-4-git-send-email-tubo@linux.vnet.ibm.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18 14:36:17 +01:00