From 17d34b482b15913811156792b35a5dd29b57b965 Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Apr 30 2018 12:57:53 +0000 Subject: qemu: monitor: Add 'tls-creds' parameter to 'nbd-server-start' command To allow encryption of the non-shared storage migration NBD connection we will need to instantiated the NBD server with the TLS env. Signed-off-by: Peter Krempa Reviewed-by: Daniel P. Berrangé --- diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 1a85732..a54263f 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -411,7 +411,7 @@ qemuMigrationDstStartNBDServer(virQEMUDriverPtr driver, else if (virPortAllocatorAcquire(driver->migrationPorts, &port) < 0) goto exit_monitor; - if (qemuMonitorNBDServerStart(priv->mon, listenAddr, port) < 0) + if (qemuMonitorNBDServerStart(priv->mon, listenAddr, port, NULL) < 0) goto exit_monitor; } diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index f642d9a..8c26ee6 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -3999,13 +3999,14 @@ qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, int qemuMonitorNBDServerStart(qemuMonitorPtr mon, const char *host, - unsigned int port) + unsigned int port, + const char *tls_alias) { - VIR_DEBUG("host=%s port=%u", host, port); + VIR_DEBUG("host=%s port=%u tls_alias=%s", host, port, NULLSTR(tls_alias)); QEMU_CHECK_MONITOR_JSON(mon); - return qemuMonitorJSONNBDServerStart(mon, host, port); + return qemuMonitorJSONNBDServerStart(mon, host, port, tls_alias); } diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index d6b68b4..a93844f 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -1052,7 +1052,8 @@ char *qemuMonitorGetTargetArch(qemuMonitorPtr mon); int qemuMonitorNBDServerStart(qemuMonitorPtr mon, const char *host, - unsigned int port); + unsigned int port, + const char *tls_alias); int qemuMonitorNBDServerAdd(qemuMonitorPtr mon, const char *deviceID, bool writable); diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 24d37eb..05ac8d0 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -6396,7 +6396,8 @@ qemuMonitorJSONBuildUnixSocketAddress(const char *path) int qemuMonitorJSONNBDServerStart(qemuMonitorPtr mon, const char *host, - unsigned int port) + unsigned int port, + const char *tls_alias) { int ret = -1; virJSONValuePtr cmd = NULL; @@ -6412,6 +6413,7 @@ qemuMonitorJSONNBDServerStart(qemuMonitorPtr mon, if (!(cmd = qemuMonitorJSONMakeCommand("nbd-server-start", "a:addr", &addr, + "S:tls-creds", tls_alias, NULL))) goto cleanup; diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 665da27..ed5f29b 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -449,7 +449,8 @@ char *qemuMonitorJSONGetTargetArch(qemuMonitorPtr mon); int qemuMonitorJSONNBDServerStart(qemuMonitorPtr mon, const char *host, - unsigned int port); + unsigned int port, + const char *tls_alias); int qemuMonitorJSONNBDServerAdd(qemuMonitorPtr mon, const char *deviceID, bool writable); diff --git a/tests/qemumonitorjsontest.c b/tests/qemumonitorjsontest.c index f8d39c3..9a83c9a 100644 --- a/tests/qemumonitorjsontest.c +++ b/tests/qemumonitorjsontest.c @@ -1350,7 +1350,7 @@ GEN_TEST_FUNC(qemuMonitorJSONBlockCommit, "vdb", "/foo/bar1", "/foo/bar2", NULL, GEN_TEST_FUNC(qemuMonitorJSONDrivePivot, "vdb") GEN_TEST_FUNC(qemuMonitorJSONScreendump, "/foo/bar") GEN_TEST_FUNC(qemuMonitorJSONOpenGraphics, "spice", "spicefd", false) -GEN_TEST_FUNC(qemuMonitorJSONNBDServerStart, "localhost", 12345) +GEN_TEST_FUNC(qemuMonitorJSONNBDServerStart, "localhost", 12345, "test-alias") GEN_TEST_FUNC(qemuMonitorJSONNBDServerAdd, "vda", true) GEN_TEST_FUNC(qemuMonitorJSONDetachCharDev, "serial1")