This extends the NBD protocol handling code so that it is capable
of negotiating TLS support during the connection setup. This involves
requesting the STARTTLS protocol option before any other NBD options.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-14-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
If the user does not provide an export name and the server
is running the new style protocol, where export names are
mandatory, use "" as the default export name if the user
has not specified any. "" is defined in the NBD protocol
as the default name to use in such scenarios.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-13-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
With the new style protocol, the NBD client will currenetly
send NBD_OPT_EXPORT_NAME as the first (and indeed only)
option it wants. The problem is that the NBD protocol spec
does not allow for returning an error message with the
NBD_OPT_EXPORT_NAME option. So if the server mandates use
of TLS, the client will simply see an immediate connection
close after issuing NBD_OPT_EXPORT_NAME which is not user
friendly.
To improve this situation, if we have the fixed new style
protocol, we can sent NBD_OPT_LIST as the first option
to query the list of server exports. We can check for our
named export in this list and raise an error if it is not
found, instead of going ahead and sending NBD_OPT_EXPORT_NAME
with a name that we know will be rejected.
This improves the error reporting both in the case that the
server required TLS, and in the case that the client requested
export name does not exist on the server.
If the server does not support NBD_OPT_LIST, we just ignore
that and carry on with NBD_OPT_EXPORT_NAME as before.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-12-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The qemu-nbd server currently always uses the old style protocol
since it never sets any export name. This is a problem because
future TLS support will require use of the new style protocol
negotiation.
This adds "--exportname NAME" / "-x NAME" arguments to qemu-nbd
which allow the user to set an explicit export name. When an
export name is set the server will always use the new style
NBD protocol.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-11-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
If the server advertises support for the fixed new style
negotiation, the client should in turn enable new style.
This will allow the client to negotiate further NBD
options besides the export name.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-10-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
If the client does not request the fixed new style protocol,
then we should only accept NBD_OPT_EXPORT_NAME. All other
options are only valid when fixed new style has been activated.
The qemu-nbd client doesn't currently request fixed new style
protocol, but this change won't break qemu-nbd, because it
fortunately only ever uses NBD_OPT_EXPORT_NAME, so was never
triggering the non-compliant server behaviour.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-9-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The nbd_receive_negotiate() method takes different code
paths based on whether 'name == NULL', and then checks
the expected protocol version in each branch.
This patch inverts the logic, so that it takes different
code paths based on what protocol version it receives and
then checks if name is NULL or not as needed.
This facilitates later code which allows the client to
be capable of using the new style protocol regardless
of whether an export name is listed or not.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-8-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Now that all callers are converted to use I/O channels for
initial connection setup, it is possible to switch the core
NBD protocol handling core over to use QIOChannel APIs for
actual sockets I/O.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-7-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This converts the blockdev NBD server to use the QIOChannelSocket
class for initial listener socket setup and accepting of client
connections. Actual I/O is still being performed against the
socket file descriptor using the POSIX socket APIs.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-6-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This converts the qemu-nbd server to use the QIOChannelSocket
class for initial listener socket setup and accepting of client
connections. Actual I/O is still being performed against the
socket file descriptor using the POSIX socket APIs.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-5-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This converts the NBD block driver client to use the QIOChannelSocket
class for initial connection setup. The NbdClientSession struct has
two pointers, one to the master QIOChannelSocket providing the raw
data channel, and one to a QIOChannel which is the current channel
used for I/O. Initially the two point to the same object, but when
TLS support is added, they will point to different objects.
The qemu-img & qemu-io tools now need to use MODULE_INIT_QOM to
ensure the QIOChannel object classes are registered. The qemu-nbd
tool already did this.
In this initial conversion though, all I/O is still actually done
using the raw POSIX sockets APIs.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-4-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Allow creation of user creatable object types with qemu-nbd
via a new --object command line arg. This will be used to supply
passwords and/or encryption keys to the various block driver
backends via the recently added 'secret' object type.
# printf letmein > mypasswd.txt
# qemu-nbd --object secret,id=sec0,file=mypasswd.txt \
...other nbd args...
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-3-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The QMP monitor code has two helper methods object_add
and qmp_object_del that are called from several places
in the code (QMP, HMP and main emulator startup).
The HMP and main emulator startup code also share
further logic that extracts the qom-type & id
values from a qdict.
We soon need to use this logic from qemu-img, qemu-io
and qemu-nbd too, but don't want those to depend on
the monitor, nor do we want to duplicate the code.
To avoid this, move some code out of qmp.c and hmp.c
adding new methods to qom/object_interfaces.c
- user_creatable_add - takes a QDict holding a full
object definition & instantiates it
- user_creatable_add_type - takes an ID, type name,
and QDict holding object properties & instantiates
it
- user_creatable_add_opts - takes a QemuOpts holding
a full object definition & instantiates it
- user_creatable_add_opts_foreach - variant on
user_creatable_add_opts which can be directly used
in conjunction with qemu_opts_foreach.
- user_creatable_del - takes an ID and deletes the
corresponding object
The existing code is updated to use these new methods.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455129674-17255-2-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fix a number of off-by-ones, one of them spotted by Coverity.
Signed-off-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
MPI_DOORBELL_WHO_INIT_SHIFT is being repeated twice. Reported
by Coverity.
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This can cause various segmentation faults or aborts in qemu-iotests
test 091.
Fixes: 5b82b703b6
Cc: Dave Gilbert <dgilbert@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reproducer is simply to migrate a virtual machine that was started with -S,
or that was already migrated.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch implements proposal from Paolo to handle system reset when
the guest is not running.
"After a reset, main_loop_should_exit should actually transition
to VM_STATE_PRELAUNCH (*not* RUN_STATE_PAUSED) for *all* states except
RUN_STATE_INMIGRATE, RUN_STATE_SAVE_VM (which I think cannot happen
there) and (of course) RUN_STATE_RUNNING."
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1455369986-20353-1-git-send-email-den@openvz.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Actively redefining 'inline' is wrong for C++, where gcc has an
extension 'inline namespace' which fails to compile if the
keyword 'inline' is replaced by a macro expansion. This will
matter once we start to include "qemu/osdep.h" first from C++
files, depending also on whether the system headers are new
enough to be using the gcc extension.
But rather than just guard things by __cplusplus, let's look at
the overall picture. Commit df2542c737 in 2007 defined 'inline'
to the gcc attribute __always_inline__, with the rationale "To
avoid discarded inlining bug". But compilers have improved since
then, and we are probably better off trusting the compiler rather
than trying to force its hand.
So just nuke our craziness.
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <1455043788-28112-1-git-send-email-eblake@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
If io_channel_send_full gets QIO_CHANNEL_ERR_BLOCK it
and has already sent some of the data, it should return
that amount of data, not EAGAIN, as that would cause
the caller to re-try already sent data.
Unfortunately due to a previous rebase conflict resolution
error, the code for dealing with this was in the wrong
part of the conditional, and so mistakenly ran on other
I/O errors.
This be seen running
qemu-system-x86_64 -monitor stdio
and entering 'info mtree', when running on a slow console
(eg a slow remote ssh session). The monitor would get into
an indefinite loop writing the same data until it managed
to send it all without getting EAGAIN.
Reported-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1455288410-27046-1-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This reverts commit 34689e206a.
Marc-André Lureau provided the following commentary: "It looks like if
a the slave is opened, then Linux will buffer the master writes, up to
a few kb and then throttle, so it's not entirely blocked but eventually
the guest VM dies. However, not having any slave open it will simply let
the write go and discard the data. At least, virt-install configures
a pty for the serial but viewers like virt-manager do not necessarily
open it. And, if there are no viewers, it will just hang. If qemu
starts reading all the data from the slave, I don't think interactions
with other slaves will work. I don't see much options but to close the
slave, thus reverting this patch."
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Now, macro definition such as "#define abc(x) [x] = y" should pass
without an error.
Signed-off-by: Leonid Bloch <leonid@daynix.com>
Message-Id: <1446112118-12376-3-git-send-email-leonid@daynix.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Previously, an error was printed in cases such as:
{ [1] = 5, [2] = 6 }
The space passed OK after a curly brace, but not after a comma.
Now, a space before a square bracket is allowed, if a comma comes before
it.
Signed-off-by: Leonid Bloch <leonid@daynix.com>
Message-Id: <1446112118-12376-2-git-send-email-leonid@daynix.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This is immediately usable by lea and multi-byte nop,
and will be required to implement parts of the mpx spec.
Signed-off-by: Richard Henderson <rth@twiddle.net>
This includes XSAVE, XRSTOR, XGETBV, XSETBV, which are all related,
as well as the associate cpuid bits.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Rather than nesting tests of OP, MOD, and RM, decode them all at once
with a switch. Also, add some missing #UD checks for e.g. incorrect
LOCK prefix.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Rather than nesting tests of OP, MOD, and RM, decode them
all at once with a switch. Fixes incorrect decoding of
AMD Pacifica extensions (aka vmrun et al) via op==2 path.
Signed-off-by: Richard Henderson <rth@twiddle.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAABAgAGBQJWvhYpAAoJEIlPj0hw4a6QXOoP+gPHMY3iAGWedddBLWkkp1gu
IwcbeEyD/MbFL1IxhtX3y7FRVnLd8qJ7DRPoqGxEDSmWAWn/OM0qPXiG+U92SPWm
IMddQxbe/FdrG63WCWFJ6a8TVXL3q70tQyjOYQYgIUjQhKTME/fFvVqa6GSQ6sm1
aBMRMYw5961FQtKVjd7FrtuFIiYQq+6PS1Sp0LAGt3RaTweE/ngVxzHFS2BLJL2S
xwA7KJ0xdm4uEcZHveg1k8ysP76WIRJWSf5y9pkNoHluOE3324xBx5tiHFkYHpPN
ZFCUoolCDp4mGZNvOlnsmIyEkmmm3uGWYz5H4D2SjJ1MbfG9ofCWd4h9kyISfI31
olNxPx+N4eEV1zaGt9np/cXl/ixrjeOGAtklBowPVF+aCGtZlcWEeIeBYbeh1vHu
ExyVhVSeeOb+5s9OQDCAWEiFaU4LuUCBKqfjGKx7FQe49b6/LvbtIxR2+NvHqF9e
wbj0L0hnQCd03ngVbBR11q7wne4jGIf9okHdBZE3/P6BXLT3KCgydCyLoQYGxuy+
RsxKwboXWMbZkZynkySgVhKBCZTbOnTto1MX/7cyPrHpgIJlfZRH0izs3POfL+3r
WW2VvrxPVgf5pzdvmZYEG+B5CicGFE2KxT55awHXOvlHDd1mReIJUG3/ytpiCmNm
FOaQ6NJvs1fMq1MwEJPl
=GtaJ
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/sstabellini/tags/xen-2016-02-12' into staging
Xen 2016-02-12
# gpg: Signature made Fri 12 Feb 2016 17:28:09 GMT using RSA key ID 70E1AE90
# gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>"
* remotes/sstabellini/tags/xen-2016-02-12:
xen: Drop __XEN_LATEST_INTERFACE_VERSION__ checks from prior to Xen 4.2
xen: move xenforeignmemory compat layer into common place
xen: drop XenXC and associated interface wrappers
xen: drop xen_xc_hvm_inject_msi wrapper
xen: drop support for Xen 4.1 and older.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Recent Fedora complains while compiling ui/sdl.c:
/usr/x86_64-w64-mingw32/sys-root/mingw/include/winsock2.h:15:2: warning: #warning Please include winsock2.h before windows.h [-Wcpp]
And with this patch we dutifully obey.
Stefan Weil:
Without that patch, windows.h will include winsock.h
(which conflicts with winsock2.h) when compiling sdl.c.
Normally we define WIN32_LEAN_AND_MEAN, and
windows.h won't include winsock.h.
include/ui/sdl2.h and ui/sdl.c undefine that macro,
so the order of the include files is important.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This key is present in international keyboards, between left shift and
the 'Z' key, ant is described in the HID usage tables as "Keyboard
Non-US \ and |": http://www.usb.org/developers/hidpage/Hut1_12v2.pdf
This patch fixes the usb-kbd devices.
Signed-off-by: Daniel Serpell <daniel.serpell@gmail.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This is an s390 boot rom which was used in s390-virtio machine.
but since commit 3538fb6f89
"s390x: remove s390-virtio machine", this file isn't used.
The only place it is referenced in the code is an unused
define ZIPL_FILENAME. There's also comment in hw/s390/ipl.c
which I'm modifying too, to refer to s390-ccw.img instead.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
