External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-12 12:55:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
fc0e627bac
libvirt/tests/qemuxml2argvmock.c

174 lines
3.9 KiB
C
Raw Normal View History

qemuxml2argvtest: Test localtime clock basis When trying to introduce a test for previous patch, I've noticed that the command line is constructed using current time. This won't work in our test suite (unless you guys wants to set a specific time prior to each test run :) ). Therefore we need to mock calls to time(2) to return the same value every time it's called. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-02-05 14:18:46 +00:00
/*
tests: mock virNetDevSetIPAddress Now that we can include <interface type='ethernet'> in tests, we could almost test XML that has an <ip> element in an interface. Except that the test fails when it tries to actually set the IP address for the interface's tap device. This patch mocks virNetDevSetIPAddress() to just return success.
2016-04-26 16:49:48 +00:00
* Copyright (C) 2014-2016 Red Hat, Inc.
qemuxml2argvtest: Test localtime clock basis When trying to introduce a test for previous patch, I've noticed that the command line is constructed using current time. This won't work in our test suite (unless you guys wants to set a specific time prior to each test run :) ). Therefore we need to mock calls to time(2) to return the same value every time it's called. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-02-05 14:18:46 +00:00
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see
* <http://www.gnu.org/licenses/>.
*
* Author: Michal Privoznik <mprivozn@redhat.com>
*/
#include <config.h>
qemuxml2argvmock: Mock time() on non-linux platforms too The qemuxml2argvtest is run on more platforms than linux. For instance FreeBSD. On these platforms we are, however, not mocking time() which results in current time being fetched from system and hence tests number 32 and 33 failing. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-02-06 12:54:53 +00:00
#include "internal.h"
qemu: Utilize qemu secret objects for RBD auth/secret https://bugzilla.redhat.com/show_bug.cgi?id=1182074 If they're available and we need to pass secrets to qemu, then use the qemu domain secret object in order to pass the secrets for RBD volumes instead of passing the base64 encoded secret on the command line. The goal is to make AES secrets the default and have no user interaction required in order to allow using the AES mechanism. If the mechanism is not available, then fall back to the current plain mechanism using a base64 encoded secret. New APIs: qemu_domain.c: qemuDomainGetSecretAESAlias: Generate/return the secret object alias for an AES Secret Info type. This will be called from qemuDomainSecretAESSetup. qemuDomainSecretAESSetup: (private) This API handles the details of the generation of the AES secret and saves the pieces that need to be passed to qemu in order for the secret to be decrypted. The encrypted secret based upon the domain master key, an initialization vector (16 byte random value), and the stored secret. Finally, the requirement from qemu is the IV and encrypted secret are to be base64 encoded. qemu_command.c: qemuBuildSecretInfoProps: (private) Generate/return a JSON properties object for the AES secret to be used by both the command building and eventually the hotplug code in order to add the secret object. Code was designed so that in the future perhaps hotplug could use it if it made sense. qemuBuildObjectSecretCommandLine (private) Generate and add to the command line the -object secret for the secret. This will be required for the subsequent RBD reference to the object. qemuBuildDiskSecinfoCommandLine (private) Handle adding the AES secret object. Adjustments: qemu_domain.c: The qemuDomainSecretSetup was altered to call either the AES or Plain Setup functions based upon whether AES secrets are possible (we have the encryption API) or not, we have secrets, and of course if the protocol source is RBD. qemu_command.c: Adjust the qemuBuildRBDSecinfoURI API's in order to generate the specific command options for an AES secret, such as: -object secret,id=$alias,keyid=$masterKey,data=$base64encodedencrypted, format=base64 -drive file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\ mon_host=mon1.example.org\:6321,password-secret=$alias,... where the 'id=' value is the secret object alias generated by concatenating the disk alias and "-aesKey0". The 'keyid= $masterKey' is the master key shared with qemu, and the -drive syntax will reference that alias as the 'password-secret'. For the -drive syntax, the 'id=myname' is kept to define the username, while the 'key=$base64 encoded secret' is removed. While according to the syntax described for qemu commit '60390a21' or as seen in the email archive: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg04083.html it is possible to pass a plaintext password via a file, the qemu commit 'ac1d8878' describes the more feature rich 'keyid=' option based upon the shared masterKey. Add tests for checking/comparing output. NB: For hotplug, since the hotplug code doesn't add command line arguments, passing the encoded secret directly to the monitor will suffice.
2016-04-11 15:26:14 +00:00
#include "viralloc.h"
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
#include "vircommand.h"
qemu: Utilize qemu secret objects for RBD auth/secret https://bugzilla.redhat.com/show_bug.cgi?id=1182074 If they're available and we need to pass secrets to qemu, then use the qemu domain secret object in order to pass the secrets for RBD volumes instead of passing the base64 encoded secret on the command line. The goal is to make AES secrets the default and have no user interaction required in order to allow using the AES mechanism. If the mechanism is not available, then fall back to the current plain mechanism using a base64 encoded secret. New APIs: qemu_domain.c: qemuDomainGetSecretAESAlias: Generate/return the secret object alias for an AES Secret Info type. This will be called from qemuDomainSecretAESSetup. qemuDomainSecretAESSetup: (private) This API handles the details of the generation of the AES secret and saves the pieces that need to be passed to qemu in order for the secret to be decrypted. The encrypted secret based upon the domain master key, an initialization vector (16 byte random value), and the stored secret. Finally, the requirement from qemu is the IV and encrypted secret are to be base64 encoded. qemu_command.c: qemuBuildSecretInfoProps: (private) Generate/return a JSON properties object for the AES secret to be used by both the command building and eventually the hotplug code in order to add the secret object. Code was designed so that in the future perhaps hotplug could use it if it made sense. qemuBuildObjectSecretCommandLine (private) Generate and add to the command line the -object secret for the secret. This will be required for the subsequent RBD reference to the object. qemuBuildDiskSecinfoCommandLine (private) Handle adding the AES secret object. Adjustments: qemu_domain.c: The qemuDomainSecretSetup was altered to call either the AES or Plain Setup functions based upon whether AES secrets are possible (we have the encryption API) or not, we have secrets, and of course if the protocol source is RBD. qemu_command.c: Adjust the qemuBuildRBDSecinfoURI API's in order to generate the specific command options for an AES secret, such as: -object secret,id=$alias,keyid=$masterKey,data=$base64encodedencrypted, format=base64 -drive file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\ mon_host=mon1.example.org\:6321,password-secret=$alias,... where the 'id=' value is the secret object alias generated by concatenating the disk alias and "-aesKey0". The 'keyid= $masterKey' is the master key shared with qemu, and the -drive syntax will reference that alias as the 'password-secret'. For the -drive syntax, the 'id=myname' is kept to define the username, while the 'key=$base64 encoded secret' is removed. While according to the syntax described for qemu commit '60390a21' or as seen in the email archive: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg04083.html it is possible to pass a plaintext password via a file, the qemu commit 'ac1d8878' describes the more feature rich 'keyid=' option based upon the shared masterKey. Add tests for checking/comparing output. NB: For hotplug, since the hotplug code doesn't add command line arguments, passing the encoded secret directly to the monitor will suffice.
2016-04-11 15:26:14 +00:00
#include "vircrypto.h"
Make tests independant of system page size Some code paths have special logic depending on the page size reported by sysconf, which in turn affects the test results. We must mock this so tests always have a consistent page size.
2015-02-02 10:26:49 +00:00
#include "virmock.h"
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
#include "virnetdev.h"
Clean up after virNetDevIP creation Commit cf0568b0af4e moved a bunch of functions from virNetDev to the more specific virNetDevIP; however, not all of the existing uses were moved properly, causing build failures on FreeBSD. Complete the transition to the new names and drop the obsolete declarations from the header file while at it.
2016-06-27 10:17:59 +00:00
#include "virnetdevip.h"
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
#include "virnetdevtap.h"
#include "virnuma.h"
qemu: Utilize qemu secret objects for RBD auth/secret https://bugzilla.redhat.com/show_bug.cgi?id=1182074 If they're available and we need to pass secrets to qemu, then use the qemu domain secret object in order to pass the secrets for RBD volumes instead of passing the base64 encoded secret on the command line. The goal is to make AES secrets the default and have no user interaction required in order to allow using the AES mechanism. If the mechanism is not available, then fall back to the current plain mechanism using a base64 encoded secret. New APIs: qemu_domain.c: qemuDomainGetSecretAESAlias: Generate/return the secret object alias for an AES Secret Info type. This will be called from qemuDomainSecretAESSetup. qemuDomainSecretAESSetup: (private) This API handles the details of the generation of the AES secret and saves the pieces that need to be passed to qemu in order for the secret to be decrypted. The encrypted secret based upon the domain master key, an initialization vector (16 byte random value), and the stored secret. Finally, the requirement from qemu is the IV and encrypted secret are to be base64 encoded. qemu_command.c: qemuBuildSecretInfoProps: (private) Generate/return a JSON properties object for the AES secret to be used by both the command building and eventually the hotplug code in order to add the secret object. Code was designed so that in the future perhaps hotplug could use it if it made sense. qemuBuildObjectSecretCommandLine (private) Generate and add to the command line the -object secret for the secret. This will be required for the subsequent RBD reference to the object. qemuBuildDiskSecinfoCommandLine (private) Handle adding the AES secret object. Adjustments: qemu_domain.c: The qemuDomainSecretSetup was altered to call either the AES or Plain Setup functions based upon whether AES secrets are possible (we have the encryption API) or not, we have secrets, and of course if the protocol source is RBD. qemu_command.c: Adjust the qemuBuildRBDSecinfoURI API's in order to generate the specific command options for an AES secret, such as: -object secret,id=$alias,keyid=$masterKey,data=$base64encodedencrypted, format=base64 -drive file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\ mon_host=mon1.example.org\:6321,password-secret=$alias,... where the 'id=' value is the secret object alias generated by concatenating the disk alias and "-aesKey0". The 'keyid= $masterKey' is the master key shared with qemu, and the -drive syntax will reference that alias as the 'password-secret'. For the -drive syntax, the 'id=myname' is kept to define the username, while the 'key=$base64 encoded secret' is removed. While according to the syntax described for qemu commit '60390a21' or as seen in the email archive: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg04083.html it is possible to pass a plaintext password via a file, the qemu commit 'ac1d8878' describes the more feature rich 'keyid=' option based upon the shared masterKey. Add tests for checking/comparing output. NB: For hotplug, since the hotplug code doesn't add command line arguments, passing the encoded secret directly to the monitor will suffice.
2016-04-11 15:26:14 +00:00
#include "virrandom.h"
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
#include "virscsi.h"
tpm: adapt sysfs cancel path for new TPM driver This patch addresses BZ 1244895. Adapt the sysfs TPM command cancel path for the TPM driver that does not use a miscdevice anymore since Linux 4.0. Support old and new paths and check their availability. Add a mockup for the test cases to avoid the testing for availability of the cancel path. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2015-11-18 00:44:13 +00:00
#include "virstring.h"
#include "virtpm.h"
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
#include "virutil.h"
qemuxml2argvmock: Mock time() on non-linux platforms too The qemuxml2argvtest is run on more platforms than linux. For instance FreeBSD. On these platforms we are, however, not mocking time() which results in current time being fetched from system and hence tests number 32 and 33 failing. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-02-06 12:54:53 +00:00
#include <time.h>
Make tests independant of system page size Some code paths have special logic depending on the page size reported by sysconf, which in turn affects the test results. We must mock this so tests always have a consistent page size.
2015-02-02 10:26:49 +00:00
#include <unistd.h>
tpm: adapt sysfs cancel path for new TPM driver This patch addresses BZ 1244895. Adapt the sysfs TPM command cancel path for the TPM driver that does not use a miscdevice anymore since Linux 4.0. Support old and new paths and check their availability. Add a mockup for the test cases to avoid the testing for availability of the cancel path. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2015-11-18 00:44:13 +00:00
#define VIR_FROM_THIS VIR_FROM_NONE
Make tests independant of system page size Some code paths have special logic depending on the page size reported by sysconf, which in turn affects the test results. We must mock this so tests always have a consistent page size.
2015-02-02 10:26:49 +00:00
long virGetSystemPageSize(void)
{
return 4096;
}
qemuxml2argvtest: Test localtime clock basis When trying to introduce a test for previous patch, I've noticed that the command line is constructed using current time. This won't work in our test suite (unless you guys wants to set a specific time prior to each test run :) ). Therefore we need to mock calls to time(2) to return the same value every time it's called. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-02-05 14:18:46 +00:00
time_t time(time_t *t)
{
const time_t ret = 1234567890;
if (t)
*t = ret;
return ret;
}
numatune: add check for numatune nodeset range There was no check for 'nodeset' attribute in numatune-related elements. This patch adds validation that any nodeset specified does not exceed maximum host node. Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-11-04 02:44:40 +00:00
int
virNumaGetMaxNode(void)
{
const int maxnodesNum = 7;
return maxnodesNum;
}
numa: split util/ and conf/ and support non-contiguous nodesets This is a reaction to Michal's fix [1] for non-NUMA systems that also splits out conf/ out of util/ because libvirt_util shouldn't require libvirt_conf if it is the other way around. This particular use case worked, but we're trying to avoid it as mentioned [2], many times. The only functions from virnuma.c that needed numatune_conf were virDomainNumatuneNodesetIsAvailable() and virNumaSetupMemoryPolicy(). The first one should be in numatune_conf as it works with virDomainNumatune, the second one just needs nodeset and mode, both of which can be passed without the need of numatune_conf. Apart from fixing that, this patch also fixes recently added code (between commits d2460f85^..5c8515620) that doesn't support non-contiguous nodesets. It uses new function virNumaNodesetIsAvailable(), which doesn't need a stub as it doesn't use any libnuma functions, to check if every specified nodeset is available. [1] https://www.redhat.com/archives/libvir-list/2014-November/msg00118.html [2] http://www.redhat.com/archives/libvir-list/2011-June/msg01040.html Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-06 11:16:54 +00:00
#if WITH_NUMACTL && HAVE_NUMA_BITMASK_ISBITSET
/*
* In case libvirt is compiled with full NUMA support, we need to mock
* this function in order to fake what numa nodes are available.
*/
bool
virNumaNodeIsAvailable(int node)
{
return node >= 0 && node <= virNumaGetMaxNode();
}
#endif /* WITH_NUMACTL && HAVE_NUMA_BITMASK_ISBITSET */
tpm: adapt sysfs cancel path for new TPM driver This patch addresses BZ 1244895. Adapt the sysfs TPM command cancel path for the TPM driver that does not use a miscdevice anymore since Linux 4.0. Support old and new paths and check their availability. Add a mockup for the test cases to avoid the testing for availability of the cancel path. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2015-11-18 00:44:13 +00:00
char *
virTPMCreateCancelPath(const char *devpath)
{
char *path;
(void)devpath;
ignore_value(VIR_STRDUP(path, "/sys/class/misc/tpm0/device/cancel"));
return path;
}
test: qemuxml2argv: Mock virMemoryMaxValue to remove 32/64 bit difference Always return LLONG_MAX even on 32 bit systems. The limitation originates from our use of "unsigned long" in several APIs. The internal data type is unsigned long long. Make the test suite deterministic by removing the architecture difference. Flaw was introduced in 645881139b3d2c86acf9d644c3a1471520bc9e57 where I've added a test that uses too large numbers.
2015-12-10 13:36:51 +00:00
/**
* Large values for memory would fail on 32 bit systems, despite having
* variables that support it.
*/
unsigned long long
virMemoryMaxValue(bool capped ATTRIBUTE_UNUSED)
{
return LLONG_MAX;
}
qemuxml2argv: Mock virSCSIDeviceGetSgName When constructing SCSI hostdev command line for qemu, the /sys/bus/scsi/devices/... dir is scanned. Unfortunately, even in the tests. This is needed to determine the name of SCSI device to passthrough to qemu, because in the domain XML we were given its address instead. Anyway, we should not be touching live system data in our test suite as it produced unpredictable results. The test is regressing from 1e9a083742efe on. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 08:57:06 +00:00
char *
virSCSIDeviceGetSgName(const char *sysfs_prefix ATTRIBUTE_UNUSED,
const char *adapter ATTRIBUTE_UNUSED,
unsigned int bus ATTRIBUTE_UNUSED,
unsigned int target ATTRIBUTE_UNUSED,
unsigned long long unit ATTRIBUTE_UNUSED)
{
char *ret;
ignore_value(VIR_STRDUP(ret, "sg0"));
return ret;
}
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
int
virNetDevTapCreate(char **ifname,
const char *tunpath ATTRIBUTE_UNUSED,
int *tapfd,
size_t tapfdSize,
unsigned int flags ATTRIBUTE_UNUSED)
{
size_t i;
for (i = 0; i < tapfdSize; i++)
tapfd[i] = STDERR_FILENO + 1 + i;
qemuxml2argvmock: Don't leak @netdef->ifname In the mock, we have a stub for virNetDevTapCreate(). However, the mocked version does not exactly as it's native counterpart. The function receives a string, which is an interface name that caller would like to have, but it's not guaranteed that they will get just that one. If they don't, the function free()-s the one passed and returns the new one. Just like the mocked version. But what is the mocked version missing is the free(). ==1068== 6 bytes in 1 blocks are definitely lost in loss record 9 of 132 ==1068== at 0x4C29F80: malloc (vg_replace_malloc.c:296) ==1068== by 0xDE13356: xmlStrndup (in /usr/lib64/libxml2.so.2.9.4) ==1068== by 0xAE2333E: virXMLPropString (virxml.c:479) ==1068== by 0xAE45975: virDomainNetDefParseXML (domain_conf.c:9038) ==1068== by 0xAE5C0BB: virDomainDefParseXML (domain_conf.c:16734) ==1068== by 0xAE5EB96: virDomainDefParseNode (domain_conf.c:17444) ==1068== by 0xAE5EA05: virDomainDefParse (domain_conf.c:17391) ==1068== by 0xAE5EA93: virDomainDefParseFile (domain_conf.c:17415) ==1068== by 0x433430: testCompareXMLToArgvFiles (qemuxml2argvtest.c:278) ==1068== by 0x433A18: testCompareXMLToArgvHelper (qemuxml2argvtest.c:414) ==1068== by 0x446ED4: virTestRun (testutils.c:179) ==1068== by 0x43A099: mymain (qemuxml2argvtest.c:1016) Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-07-09 06:57:46 +00:00
VIR_FREE(*ifname);
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
return VIR_STRDUP(*ifname, "vnet0");
}
int
virNetDevSetMAC(const char *ifname ATTRIBUTE_UNUSED,
const virMacAddr *macaddr ATTRIBUTE_UNUSED)
{
return 0;
}
Clean up after virNetDevIP creation Commit cf0568b0af4e moved a bunch of functions from virNetDev to the more specific virNetDevIP; however, not all of the existing uses were moved properly, causing build failures on FreeBSD. Complete the transition to the new names and drop the obsolete declarations from the header file while at it.
2016-06-27 10:17:59 +00:00
int virNetDevIPAddrAdd(const char *ifname ATTRIBUTE_UNUSED,
virSocketAddr *addr ATTRIBUTE_UNUSED,
virSocketAddr *peer ATTRIBUTE_UNUSED,
unsigned int prefix ATTRIBUTE_UNUSED)
tests: mock virNetDevSetIPAddress Now that we can include <interface type='ethernet'> in tests, we could almost test XML that has an <ip> element in an interface. Except that the test fails when it tries to actually set the IP address for the interface's tap device. This patch mocks virNetDevSetIPAddress() to just return success.
2016-04-26 16:49:48 +00:00
{
return 0;
}
qemu domain allow to set ip address, peer address and route Signed-off-by: Vasiliy Tolstov <v.tolstov@selfip.ru>
2016-04-04 21:00:06 +00:00
int
virNetDevSetOnline(const char *ifname ATTRIBUTE_UNUSED,
bool online ATTRIBUTE_UNUSED)
{
return 0;
}
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
int
qemuxml2argvtest: do not mock virCommand Mock virNetDevRunEthernetScript instead. This restores the VIR_TEST_REGENERATE_OUTPUT functionality.
2016-04-13 08:36:00 +00:00
virNetDevRunEthernetScript(const char *ifname ATTRIBUTE_UNUSED,
const char *script ATTRIBUTE_UNUSED)
qemuxml2argvtest: Adapt to ethernet automatic tap creation After 9c17d665fdc5 the tap device for ethernet network type is automatically precreated before spawning qemu. Problem is, the qemuxml2argvtest wasn't updated and thus is failing. Because of all the APIs that new code is calling, I had to mock a lot. Also, since the tap FDs are labeled separately from the rest of the devices/files I had to enable NOP security driver for the test too. Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-23 15:19:26 +00:00
{
return 0;
}
void
virCommandPassFD(virCommandPtr cmd ATTRIBUTE_UNUSED,
int fd ATTRIBUTE_UNUSED,
unsigned int flags ATTRIBUTE_UNUSED)
{
/* nada */
}
qemu: Utilize qemu secret objects for RBD auth/secret https://bugzilla.redhat.com/show_bug.cgi?id=1182074 If they're available and we need to pass secrets to qemu, then use the qemu domain secret object in order to pass the secrets for RBD volumes instead of passing the base64 encoded secret on the command line. The goal is to make AES secrets the default and have no user interaction required in order to allow using the AES mechanism. If the mechanism is not available, then fall back to the current plain mechanism using a base64 encoded secret. New APIs: qemu_domain.c: qemuDomainGetSecretAESAlias: Generate/return the secret object alias for an AES Secret Info type. This will be called from qemuDomainSecretAESSetup. qemuDomainSecretAESSetup: (private) This API handles the details of the generation of the AES secret and saves the pieces that need to be passed to qemu in order for the secret to be decrypted. The encrypted secret based upon the domain master key, an initialization vector (16 byte random value), and the stored secret. Finally, the requirement from qemu is the IV and encrypted secret are to be base64 encoded. qemu_command.c: qemuBuildSecretInfoProps: (private) Generate/return a JSON properties object for the AES secret to be used by both the command building and eventually the hotplug code in order to add the secret object. Code was designed so that in the future perhaps hotplug could use it if it made sense. qemuBuildObjectSecretCommandLine (private) Generate and add to the command line the -object secret for the secret. This will be required for the subsequent RBD reference to the object. qemuBuildDiskSecinfoCommandLine (private) Handle adding the AES secret object. Adjustments: qemu_domain.c: The qemuDomainSecretSetup was altered to call either the AES or Plain Setup functions based upon whether AES secrets are possible (we have the encryption API) or not, we have secrets, and of course if the protocol source is RBD. qemu_command.c: Adjust the qemuBuildRBDSecinfoURI API's in order to generate the specific command options for an AES secret, such as: -object secret,id=$alias,keyid=$masterKey,data=$base64encodedencrypted, format=base64 -drive file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\ mon_host=mon1.example.org\:6321,password-secret=$alias,... where the 'id=' value is the secret object alias generated by concatenating the disk alias and "-aesKey0". The 'keyid= $masterKey' is the master key shared with qemu, and the -drive syntax will reference that alias as the 'password-secret'. For the -drive syntax, the 'id=myname' is kept to define the username, while the 'key=$base64 encoded secret' is removed. While according to the syntax described for qemu commit '60390a21' or as seen in the email archive: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg04083.html it is possible to pass a plaintext password via a file, the qemu commit 'ac1d8878' describes the more feature rich 'keyid=' option based upon the shared masterKey. Add tests for checking/comparing output. NB: For hotplug, since the hotplug code doesn't add command line arguments, passing the encoded secret directly to the monitor will suffice.
2016-04-11 15:26:14 +00:00
uint8_t *
virCryptoGenerateRandom(size_t nbytes)
{
uint8_t *buf;
if (VIR_ALLOC_N(buf, nbytes) < 0)
return NULL;
ignore_value(virRandomBytes(buf, nbytes));
return buf;
}
Reference in New Issue Copy Permalink