6284 Commits

Author SHA1 Message Date
Ján Tomko
e2929598db tests: commandtest: use g_autoptr for virCommand
Except for a few cases where freeing it explicitly
seems to be done on purpose.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2020-08-03 07:23:45 +02:00
Ján Tomko
363dd1b5e5 tests: commandtest: use g_autofree
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2020-08-03 07:23:45 +02:00
Ján Tomko
ad8d52909c tests: commandtest: remove unused 'prefix' parameter
The 'checkoutput' function does have a parameter for a possible
prefix, but it is now unused.

Introduced-by: 241ac07124a3172dc38198d777eb3f04846f6c52
Used-by: 62f263a73e8202f2af7309d10000a3b9a66e6b57
Unused-since: 2dfacbffea47743fff942b6401f5f36b3ae4655a

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2020-08-03 07:23:45 +02:00
Peter Krempa
7877e0d2e4 tests: qemucapabitilies: Bump for 5.1 caps to rc2 for x86_64
Note that 'numa-mem-supported' turned off for certain machine types
which in turn forced us to generate a newer command line in certain
tests.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-31 10:27:51 +02:00
Peter Krempa
bfe82ec142 tests: qemuxml2argv: Lock in "disk-network-tlsx509-vxhs" case to qemu-5.0.0
QEMU 5.1 will drop the vxhs driver.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-31 10:27:51 +02:00
Peter Krempa
e34097750a tests: qemu: Split NBD and VXHS protocol tests
QEMU is going to drop 'vxhs' in the upcoming release so we'll need to
track these separately to prevent test suite breakage.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-31 10:27:50 +02:00
Peter Krempa
4a2cbf2108 tests: qemuxml2argv: Use only modern versions of 'disk-network-tlsx509' test
We already test with real caps so there's no real need for this special
case. While it technically tested the state without TLS encryption key
secrets, it doesn't really matter that much.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-31 10:27:50 +02:00
Peter Krempa
6ae53a1509 tests: commandtest: Make 'test4' checking daemonization more reliable
The 'commandhelper' checks effectively whether the parent process is
still around to report whether it was daemonized or not.

This creates a unlikely race condition in cases when we do actually
daemonize the process as the intermediate process used for the
daemonization might not have terminated yet which would report wrong
result leading to test failure.

For now there's just 'test4' which actually daemonizes the process.

Add an argument '--check-daemonize' which asks for retries of the
daemonization check in cases where we expect that the commandhelper is
going to be daemonized and use it in 'test4' to make the test more
reliable.

I've observed the test failure sporadically when my box is under load
e.g. while building two trees at once.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-27 15:44:38 +02:00
Daniel P. Berrangé
bb8ccb050d conf: add control over COW for storage pool directories
The storage pool code now attempts to disable COW by default on btrfs,
but management applications may wish to override this behaviour. Thus we
introduce a concept of storage pool features:

  <features>
    <cow state='yes|no'/>
  </features>

If the <cow> feature policy is set, it will be enforced. It will always
return an hard error if COW cannot be explicitly set or unset.

Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-07-23 16:18:09 +01:00
Bastien Orivel
d3aa28925f Add a check attribute on the mac address element
This is only used in the ESX driver where, when set to "no", it will
ignore all the checks libvirt does about the origin of the MAC address
(whether or not it's in a VMWare OUI) and forward the original one to
the ESX server telling it not to check it either.

This allows keeping a deterministic MAC address which can be useful for
licensed software which might dislike changes.

Signed-off-by: Bastien Orivel <bastien.orivel@diateam.net>

VMX conversion parts rewritten to apply on top of previously merged
support for type='generated|static'

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-07-23 16:11:39 +01:00
Daniel P. Berrangé
80975c3c84 vmx: support outputing the type attribute for MAC addresses
When support for MAC addresses having a type='static|generated'
attribute was added in:

  commit 454e5961abf40c14f8b6d7ee216229e68fd170bf
  Author: Bastien Orivel <bastien.orivel@diateam.net>
  Date:   Mon Jul 13 16:28:53 2020 +0200

    Add a type attribute on the mac address element

the VMX -> XML parser was not updated. As a result while we
accept the 'type' attribute on input, we never show it again
on 'output', so we loose information during the roundtrip.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-07-23 16:11:35 +01:00
Daniel P. Berrangé
6d3cb071b4 vmx: fix logic handling mac address type
With the current formatter, the XML snippets:

    <interface type='bridge'>
      <mac address='00:0c:29:dd:ee:fe' type='static'/>
      <source bridge='br1'/>
    </interface>
    <interface type='bridge'>
      <mac address='aa:bb:cc:dd:ee:fd' type='generated'/>
      <source bridge='br2'/>
    </interface>

result in

 ethernet1.present = "true"
 ethernet1.networkName = "br1"
 ethernet1.connectionType = "bridged"
 ethernet1.addressType = "static"
 ethernet1.address = "00:0c:29:dd:ee:fe"
 ethernet1.checkMACAddress = "false"

 ethernet2.present = "true"
 ethernet2.networkName = "br2"
 ethernet2.connectionType = "bridged"
 ethernet2.addressType = "static"
 ethernet2.address = "aa:bb:cc:dd:ee:fd"
 ethernet2.checkMACAddress = "false"

which is flawed, as both type='static' and type='generated' in the XML
turn into 'static' in the VMX config.

The existence of the 'static' attribute is further overriding whether
the checkMACAddress config option is set as a side effect.

Both these pieces of flawed logic were introduced in

  commit 454e5961abf40c14f8b6d7ee216229e68fd170bf
  Author: Bastien Orivel <bastien.orivel@diateam.net>
  Date:   Mon Jul 13 16:28:53 2020 +0200

    Add a type attribute on the mac address element

which intentionally added the 'checkMACAddress' side effect based on
the 'type' attribute.

With this change, we're reverting the handling of checkMACAddress
to match what existed historically. The 'type' attribute now directly
maps to the addressType attribute, so the above config becomes:

 ethernet1.present = "true"
 ethernet1.networkName = "br1"
 ethernet1.connectionType = "bridged"
 ethernet1.addressType = "static"
 ethernet1.address = "00:0c:29:dd:ee:fe"

 ethernet2.present = "true"
 ethernet2.networkName = "br2"
 ethernet2.connectionType = "bridged"
 ethernet2.addressType = "generated"
 ethernet2.generatedAddress = "aa:bb:cc:dd:ee:fd"
 ethernet2.generatedAddressOffset = "0"

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-07-23 16:11:31 +01:00
Daniel P. Berrangé
5e9d6b3a46 tests: don't mock the time() function on mingw
The mingw header define time() as a static inline function and this
causes a duplicate definition build failure. Since we're not using the
LD_PRELOAD at all on Mingw, we ideally wouldn't compile any of the
mock libraries. Rather than change the build system now though, this
just stubs out the offending function.

Reviewed-by: Laine Stump <laine@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-07-23 14:58:16 +01:00
Peter Krempa
9d039863e2 qemu: block: Remove 'active-write' bitmap even if there are no bitmaps to merge
The 'libvirt-tmp-activewrite' bitmap is added during the 'pivot'
operation of block copy and active layer block commit operations
regardless of whether there are any bitmaps to merge, but was not
removed unless a bitmap was merged. This meant that subsequent attempts
to merge into the same image would fail.

Fix it by checking whether the 'libvirt-tmp-activewrite' would be used
by the code and don't skip the code which would delete it.

This is a regression introduced when we switched to the new code for
block commit in <20a7abc2d2d> and for block copy in <7bfff40fdfe5>. The
actual bug originates from <4fa8654ece>.

https://bugzilla.redhat.com/show_bug.cgi?id=1857735

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-21 09:52:59 +02:00
Laine Stump
cc5da62bbd replace g_new() with g_new0() for consistency
g_new() is used in only 3 places. Switching them to g_new0() will do
no harm, reduces confusion, and helps me sleep better at night knowing
that all allocated memory is initialized to 0 :-) (Yes, I *know* that
in all three cases the associated memory is immediately assigned some
other value. Today.)

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-20 19:08:07 -04:00
Peter Krempa
30932473e1 qemu: caps: Enable QEMU_CAPS_BLOCKDEV_HOSTDEV_SCSI
Enable it when regular QEMU_CAPS_BLOCKDEV is present.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-17 07:41:21 +02:00
Peter Krempa
dd339e86db qemu: domain: Regenerate hostdev source private data
When upgrading from a libvirt which didn't format private data of a
virStorageSource representing an iSCSI hostdev source, we might need to
generate some internal data so that the code still works as if it was
present in the status XML.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-17 07:41:20 +02:00
Peter Krempa
6306f88df0 qemustatusxml2xmltest: Add tests for iSCSI hostdev private data handling
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-17 07:41:20 +02:00
Peter Krempa
d73c5eda63 qemuBlockStorageSourceGetBackendProps: Convert boolean arguments to flags
Upcoming commit will need to add another flag for the function so
convert it to a bitwise-or'd array of flags to prevent having 4
booleans.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-17 07:41:20 +02:00
Michal Privoznik
e71e13488d Substitute security_context_t with char *
Historically, we've used security_context_t for variables passed
to libselinux APIs. But almost 7 years ago, libselinux developers
admitted in their API that in fact, it's just a 'char *' type
[1]. Ever since then the APIs accept 'char *' instead, but they
kept the old alias just for API stability. Well, not anymore [2].

1: 9eb9c93275
2: 7a124ca275

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-07-15 14:31:07 +02:00
Andrea Bolognani
deceb1e09f tests: Minimize variable scope
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-15 12:52:24 +02:00
Andrea Bolognani
efe6429910 tests: Don't assume IPv4 connectivity is available
If the host doesn't have a single IPv4 address assigned to any of
its interfaces, not even the loopback one, then virnetsockettest
will fail with

  Cannot identify IPv4/6 availability

because, while the IPv6 bind attempt is conditional, the IPv4 one
is not, and in this case it will always fail.

This commit is better viewed with 'git show -w'.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-15 12:52:20 +02:00
Bastien Orivel
454e5961ab Add a type attribute on the mac address element
This is only used in the ESX driver where, when set to "static", it will
ignore all the checks libvirt does about the origin of the MAC address
(whether or not it's in a VMWare OUI) and forward the original one to
the ESX server telling it not to check it either.

This allows keeping a deterministic MAC address which can be useful for
licensed software which might dislike changes.

Signed-off-by: Bastien Orivel <bastien.orivel@diateam.net>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-13 18:47:44 +02:00
Pavel Hrdina
d3a1a3d708 m4: virt-secdriver-selinux: drop obsolete function checks
All of the listed functions are available in libselinux version 2.2.
Our supported OSes start with version 2.5 so there is no need to check
it.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-07-10 16:07:02 +02:00
Pavel Hrdina
78e76a8a42 tests: use WITH_NSS instead of NSS
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-10 09:40:58 +02:00
Pavel Hrdina
966a0a75cc tests: commandhelper: change how we detect if running as daemon
The old code works correctly with make and running directly from shell
but it failed with Meson test suite where session ID and process group
are the same in both cases.

What changes in both cases is parent process ID so use that instead of
session ID.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-10 09:40:55 +02:00
Pavel Hrdina
f3b0261e1c m4: virt-selinux: drop check for selabel_open signature change
All supported OSes have at least libselinux version 2.5 so it's safe
to drop this check.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-10 09:40:27 +02:00
Pavel Hrdina
66e39b6e20 Makefile: drop undefined LIB_CLOCK_GETTIME
This was introduced together with clock-time gnulib module by commit
<d74e5a4dfc434d3a1d01856d013a7f50d910fa95> and removed from libvirt
by commit <86d223a762990c9d529065a2d3b30b6a00ea63dd>.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-10 09:40:06 +02:00
Pavel Hrdina
9bc09df873 configure: introduce FLAT_NAMESPACE_FLAGS
Set FLAT_NAMESPACE_FLAGS to -Wl,-flat_namespace in configure only for
macOS and use it unconditionally in Makefiles.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-07-10 09:40:02 +02:00
Laine Stump
cf1ec5daac use g_autoptr() for all usages of virFirewallNew/Free
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-08 16:36:19 -04:00
Laine Stump
7f141a1c62 tests: eliminate unnecessary labels
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-08 16:35:54 -04:00
Laine Stump
25c23b95b6 tests: use g_auto for all virBuffers
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-08 16:34:09 -04:00
Michal Privoznik
aeecbc87b7 qemu: Build HMAT command line
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1786303

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-07-08 12:05:24 +02:00
Michal Privoznik
c2f15f1b18 qemu: Introduce QEMU_CAPS_NUMA_HMAT capability
This capability tracks whether QEMU is capable of defining HMAT
ACPI table for the guest.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-07-08 12:05:24 +02:00
Michal Privoznik
a89bbbac86 conf: Parse and format HMAT
To cite ACPI specification:

  Heterogeneous Memory Attribute Table describes the memory
  attributes, such as memory side cache attributes and bandwidth
  and latency details, related to the System Physical Address
  (SPA) Memory Ranges. The software is expected to use this
  information as hint for optimization.

According to our upstream discussion [1] this is exposed under
<numa/> as <cache/> under NUMA <cell/> and <latency> or
<bandwidth/> under numa/latencies.

1: https://www.redhat.com/archives/libvir-list/2020-January/msg00422.html

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-07-08 12:05:24 +02:00
Michal Privoznik
a26f61ee0c Allow NUMA nodes without vCPUs
QEMU allows creating NUMA nodes that have memory only.
These are somehow important for HMAT.

With check done in qemuValidateDomainDef() for QEMU 2.7 or newer
(checked via QEMU_CAPS_NUMA), we can be sure that the vCPUs are
fully assigned to NUMA nodes in domain XML.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-07-08 12:05:24 +02:00
Michal Privoznik
afb1ea6776 qemuxml2xmltest: Add "numatune-distance" test case
This test case checks that expanding NUMA distance works. On
input we accept if only distance from A to B is specified. On the
output we format the B to A distance too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-07-08 12:05:24 +02:00
Peter Krempa
e95da4e5bf qemuBuildMemoryBackendProps: Use boolean type for 'pmem' property
Commit 82576d8f35e used a string "on" to enable the 'pmem' property.
This is okay for the command line visitor, but the property is declared
as boolean in qemu and thus it will not work when using QMP.

Modify the type to boolean. This changes the command line, but
fortunately the command line visitor in qemu parses both 'yes' and 'on'
as true for the property.

https://bugzilla.redhat.com/show_bug.cgi?id=1854684

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-07-08 11:40:18 +02:00
Peter Krempa
7e5b993d3b backup: Allow configuring incremental backup per-disk individually
The semantics of the backup operation don't strictly require that all
disks being backed up are part of the same incremental part (when a disk
was checkpointed/backed up separately or in a different VM), or even
they may not have a previous checkpoint at all (e.g. when the disk
was freshly hotplugged to the vm).

In such cases we can still create a common checkpoint for all of them
and backup differences according to configuration.

This patch adds a per-disk configuration of the checkpoint to do the
incremental backup from via the 'incremental' attribute and allows
perform full backups via the 'backupmode' attribute.

Note that no changes to the qemu driver are necessary to take advantage
of this as we already obey the per-disk 'incremental' field.

https://bugzilla.redhat.com/show_bug.cgi?id=1829829

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-08 08:40:30 +02:00
Peter Krempa
6f33e441e2 backupxml2xmltest: Call 'virDomainBackupAlignDisks' before formatting output
Call the post-processing function so that we can validate that it does
the correct thing.

virDomainBackupAlignDisks requires disk definitions to be present so
let's fake them by copying disks from the backup definition and add one
extra disk 'vdextradisk'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-08 08:40:30 +02:00
Peter Krempa
5c08a3739b backupxml2xmltest: Remove output symlink of 'backup-pull-internal-invalid'
Replace the output by a copy of the input file for further changes once
we start testing virDomainBackupAlignDisks.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-08 08:40:30 +02:00
Peter Krempa
fc6aaf6a19 conf: backup: Add 'tls' attribute for 'server' element
Allow enabling TLS for the NBD server used to do pull-mode backups. Note
that documentation already mentions 'tls', so this just implements the
schema and XML bits.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-07 12:58:19 +02:00
Peter Krempa
fffc147ba2 conf: backup: Store 'tlsAlias' and 'tlsSecretAlias' as internals of a backup
Add fields for storing the aliases necessary to clean up the TLS env for
a backup job after it finishes.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-07 12:58:19 +02:00
Peter Krempa
bfd9721671 testCompareBackupXML: Add infrastructure for testing internal fields
There are few internal fields of the backup XML. Propagate the
'internal' flag so that the test can verify the XML infrastructure.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-07 12:58:19 +02:00
Peter Krempa
a94997c476 conf: checkpoint: Add a flag storing whether disk 'size' is valid
Avoid printing '0' size in case when we weren't able to determine the
backup size by adding a flag whether the size is valid and interlock
printing of the field according to the flag.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-07 12:58:19 +02:00
Peter Krempa
ab7b3167b3 tests: qemuxml2argv: Test encrypted TLS key for nbd/vxhs disks
Add a dummy secret so that we see what command line is generated.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-07 12:58:19 +02:00
Peter Krempa
a3cbbc5afb qemu: domain: Add infrastructure passing in TLS key's decryption key via 'secret'
Store the required data in the private data of a storage source and
ensure that the 'alias' of the secret is formatted in the status XML.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-07-07 12:58:18 +02:00
Michal Privoznik
c3fa17cd9a virnettlshelpers: Update private key
With the recent update of Fedora rawhide I've noticed
virnettlssessiontest and virnettlscontexttest failing with:

  Our own certificate servercertreq-ctx.pem failed validation
  against cacertreq-ctx.pem: The certificate uses an insecure
  algorithm

This is result of Fedora changes to support strong crypto [1]. RSA
with 1024 bit key is viewed as legacy and thus insecure. Generate
a new private key then. Moreover, switch to EC which is not only
shorter but also not deprecated that often as RSA. Generated
using the following command:

  openssl genpkey --outform PEM --out privkey.pem \
  --algorithm EC --pkeyopt ec_paramgen_curve:P-384 \
  --pkeyopt ec_param_enc:named_curve

1: https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-07-01 13:26:04 +02:00
Michal Privoznik
b150fbc4fe qemuhotplugtest: Free monitor iff successfully initialized
If initializing test monitor in testQemuHotplugCpuPrepare()
fails, the control jumps to error label where
testQemuHotplugCpuDataFree() is called. But since the data->mon
is NULL due to aforementioned failure,
qemuMonitorTestGetMonitor() dereferences a NULL pointer leading
to a SIGSEGV.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-06-29 12:38:22 +02:00
Shalini Chellathurai Saroja
18351b1cdf tests: add test with PCI and CCW device
Add test with a ZPCI host device and a CCW memballoon device to ensure
that CCW address remains the default address assigned.

Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Signed-off-by: Shalini Chellathurai Saroja <shalini@linux.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-06-26 18:53:51 +02:00