openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

qemu: Get capabilities to use iscsi password-secret argument 

Detect the capability via the query-qmp-schema for blockdev-add
to find the 'password-secret' parameter that will allow the iSCSI
code to use the master secret object to encrypt the secret for an
and only need to provide the object id of the secret on the command
line thus obsfuscating the passphrase.
This commit is contained in:
John Ferlan 2017-09-01 15:09:29 -04:00
parent 8001c2f3e4
commit 4f44b8b5ae
10 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/qemu/qemu_capabilities.c
View File

@ -451,6 +451,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
"sclplmconsole", "sclplmconsole",
"numa.dist", "numa.dist",
"disk-share-rw", "disk-share-rw",
"iscsi.password-secret",
); );
@ -1809,6 +1810,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsQMPSchemaQueries[] = {
{ "blockdev-add/arg-type/options/+gluster/debug-level", QEMU_CAPS_GLUSTER_DEBUG_LEVEL}, { "blockdev-add/arg-type/options/+gluster/debug-level", QEMU_CAPS_GLUSTER_DEBUG_LEVEL},
{ "blockdev-add/arg-type/+gluster/debug", QEMU_CAPS_GLUSTER_DEBUG_LEVEL}, { "blockdev-add/arg-type/+gluster/debug", QEMU_CAPS_GLUSTER_DEBUG_LEVEL},
{ "blockdev-add/arg-type/+vxhs", QEMU_CAPS_VXHS}, { "blockdev-add/arg-type/+vxhs", QEMU_CAPS_VXHS},
{ "blockdev-add/arg-type/+iscsi/password-secret", QEMU_CAPS_ISCSI_PASSWORD_SECRET },
}; };
struct virQEMUCapsObjectTypeProps { struct virQEMUCapsObjectTypeProps {

1
src/qemu/qemu_capabilities.h
View File

@ -437,6 +437,7 @@ typedef enum {
QEMU_CAPS_DEVICE_SCLPLMCONSOLE, /* -device sclplmconsole */ QEMU_CAPS_DEVICE_SCLPLMCONSOLE, /* -device sclplmconsole */
QEMU_CAPS_NUMA_DIST, /* -numa dist */ QEMU_CAPS_NUMA_DIST, /* -numa dist */
QEMU_CAPS_DISK_SHARE_RW, /* share-rw=on for concurrent disk access */ QEMU_CAPS_DISK_SHARE_RW, /* share-rw=on for concurrent disk access */
QEMU_CAPS_ISCSI_PASSWORD_SECRET, /* -drive file.driver=iscsi,...,password-secret= */
QEMU_CAPS_LAST /* this must always be the last item */ QEMU_CAPS_LAST /* this must always be the last item */
} virQEMUCapsFlags; } virQEMUCapsFlags;

1
tests/qemucapabilitiesdata/caps_2.10.0-gicv2.aarch64.xml
View File

@ -182,6 +182,7 @@
<flag name='virtio-blk.num-queues'/> <flag name='virtio-blk.num-queues'/>
<flag name='numa.dist'/> <flag name='numa.dist'/>
<flag name='disk-share-rw'/> <flag name='disk-share-rw'/>
<flag name='iscsi.password-secret'/>
<version>2010000</version> <version>2010000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<package> (v2.10.0)</package> <package> (v2.10.0)</package>

1
tests/qemucapabilitiesdata/caps_2.10.0-gicv3.aarch64.xml
View File

@ -182,6 +182,7 @@
<flag name='virtio-blk.num-queues'/> <flag name='virtio-blk.num-queues'/>
<flag name='numa.dist'/> <flag name='numa.dist'/>
<flag name='disk-share-rw'/> <flag name='disk-share-rw'/>
<flag name='iscsi.password-secret'/>
<version>2010000</version> <version>2010000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<package> (v2.10.0)</package> <package> (v2.10.0)</package>

1
tests/qemucapabilitiesdata/caps_2.10.0.ppc64.xml
View File

@ -181,6 +181,7 @@
<flag name='spapr-vty'/> <flag name='spapr-vty'/>
<flag name='numa.dist'/> <flag name='numa.dist'/>
<flag name='disk-share-rw'/> <flag name='disk-share-rw'/>
<flag name='iscsi.password-secret'/>
<version>2010000</version> <version>2010000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<package> (v2.10.0)</package> <package> (v2.10.0)</package>

1
tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml
View File

@ -144,6 +144,7 @@
<flag name='sclplmconsole'/> <flag name='sclplmconsole'/>
<flag name='numa.dist'/> <flag name='numa.dist'/>
<flag name='disk-share-rw'/> <flag name='disk-share-rw'/>
<flag name='iscsi.password-secret'/>
<version>2010000</version> <version>2010000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<package></package> <package></package>

1
tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml
View File

@ -226,6 +226,7 @@
<flag name='virtio-blk.num-queues'/> <flag name='virtio-blk.num-queues'/>
<flag name='numa.dist'/> <flag name='numa.dist'/>
<flag name='disk-share-rw'/> <flag name='disk-share-rw'/>
<flag name='iscsi.password-secret'/>
<version>2010000</version> <version>2010000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<package> (v2.10.0)</package> <package> (v2.10.0)</package>

1
tests/qemucapabilitiesdata/caps_2.9.0.ppc64.xml
View File

@ -175,6 +175,7 @@
<flag name='virtio-blk.num-queues'/> <flag name='virtio-blk.num-queues'/>
<flag name='spapr-vty'/> <flag name='spapr-vty'/>
<flag name='disk-share-rw'/> <flag name='disk-share-rw'/>
<flag name='iscsi.password-secret'/>
<version>2009000</version> <version>2009000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<package> (v2.9.0)</package> <package> (v2.9.0)</package>

1
tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
View File

@ -140,6 +140,7 @@
<flag name='virtio-blk.num-queues'/> <flag name='virtio-blk.num-queues'/>
<flag name='sclplmconsole'/> <flag name='sclplmconsole'/>
<flag name='disk-share-rw'/> <flag name='disk-share-rw'/>
<flag name='iscsi.password-secret'/>
<version>2009000</version> <version>2009000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<package></package> <package></package>

1
tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
View File

@ -222,6 +222,7 @@
<flag name='virtio-gpu.max_outputs'/> <flag name='virtio-gpu.max_outputs'/>
<flag name='virtio-blk.num-queues'/> <flag name='virtio-blk.num-queues'/>
<flag name='disk-share-rw'/> <flag name='disk-share-rw'/>
<flag name='iscsi.password-secret'/>
<version>2009000</version> <version>2009000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<package> (v2.9.0)</package> <package> (v2.9.0)</package>