aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)AuthorFilesLines
2016-01-20iotests: Test that throttle values rangesFam Zheng3-0/+96
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-01-20qcow2: Write full header on image creationKevin Wolf4-0/+32
When creating a qcow2 image, we didn't necessarily call qcow2_update_header(), but could end up with the basic header that qcow2_create2() created manually. One thing that this basic header lacks is the feature table. Let's make sure that it's always present. This requires a few updates to test cases as well. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2016-01-20qcow2: Write feature table only for v3 imagesKevin Wolf2-26/+1
Version 2 images don't have feature bits, so writing a feature table to those images is kind of pointless. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2016-01-20qemu-iotests: Reduce racy output in 028Eric Blake2-5/+4
On my machine, './check -qcow2 028' was failing about 80% of the time, due to a race in how many times the repeated attempts to run 'info block-jobs' could occur before the job was done, showing up as a failure of fewer '(qemu) ' prompts than in the expected output. Silence the output during the repetitions, then add a final clean command to keep the expected output useful; once patched, I was finally able to run the test 20 times in a row with no failures. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-01-18qom: Change object property iterator API contractDaniel P. Berrange1-4/+3
Currently the ObjectProperty iterator API works as follows: ObjectPropertyIterator *iter; iter = object_property_iter_init(obj); while ((prop = object_property_iter_next(iter))) { ... } object_property_iter_free(iter); This has the benefit that the ObjectPropertyIterator struct can be opaque, but has the downside that callers need to explicitly call a free function. It is also not in keeping with iterator style used elsewhere in QEMU/GLib2. This patch changes the API to use stack allocation instead: ObjectPropertyIterator iter; object_property_iter_init(&iter, obj); while ((prop = object_property_iter_next(&iter))) { ... } Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> [AF: Fused ObjectPropertyIterator struct with typedef] Signed-off-by: Andreas Färber <afaerber@suse.de>
2016-01-18qom: Allow properties to be registered against classesDaniel P. Berrange1-10/+21
When there are many instances of a given class, registering properties against the instance is wasteful of resources. The majority of objects have a statically defined list of possible properties, so most of the properties are easily registerable against the class. Only those properties which are conditionally registered at runtime need be recorded against the klass. Registering properties against classes also makes it possible to provide static introspection of QOM - currently introspection is only possible after creating an instance of a class, which severely limits its usefulness. This impl only supports simple scalar properties. It does not attempt to allow child object / link object properties against the class. There are ways to support those too, but it would make this patch more complicated, so it is left as an exercise for the future. There is no equivalent to object_property_del() provided, since classes must be immutable once they are defined. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2016-01-15nbd: Split nbd.cFam Zheng1-1/+1
We have NBD server code and client code, all mixed in a file. Now split them into separate files under nbd/, and update MAINTAINERS. filter_nbd for iotest 083 is updated to keep the log filtered out. Signed-off-by: Fam Zheng <famz@redhat.com> Message-Id: <1452760863-25350-3-git-send-email-famz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-01-13error: Consistently name Error * objects err, and not errpMarkus Armbruster1-3/+3
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1450452927-8346-25-git-send-email-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2016-01-13vhdx: Fix "log that needs to be replayed" error messageMarkus Armbruster1-2/+3
The arguments of error_setg_errno() should yield a short error string without newlines. Here, we try to append additional help to the error message by embedding newlines in the error string. That's nice, but it's doesn't play nicely with the errno part. tests/qemu-iotests/070.out shows the resulting mess: can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log that needs to be replayed. To replay the log, execute: qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx': Operation not permitted Switch to error_setg() and error_append_hint(). Result: can't open device TEST_DIR/iotest-dirtylog-10G-4M.vhdx: VHDX image file 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' opened read-only, but contains a log that needs to be replayed To replay the log, run: qemu-img check -r all 'TEST_DIR/iotest-dirtylog-10G-4M.vhdx' Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1450452927-8346-21-git-send-email-armbru@redhat.com>
2016-01-13vmdk: Clean up "Invalid extent lines" error messageMarkus Armbruster1-3/+1
vmdk_parse_extents() reports parse errors like this: error_setg(errp, "Invalid extent lines:\n%s", p); where p points to the beginning of the malformed line in the image descriptor. This results in a multi-line error message Invalid extent lines: <first line that doesn't parse> <remaining text that may or may not parse, if any> Error messages should not have newlines embedded. Since the remaining text is not helpful, we can simply report: Invalid extent line: <first line that doesn't parse> Cc: Fam Zheng <famz@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1450452927-8346-19-git-send-email-armbru@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com>
2016-01-13qemu-io qemu-nbd: Use error_report() etc. instead of fprintf()Markus Armbruster15-89/+89
Just three instances left. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1450452927-8346-16-git-send-email-armbru@redhat.com>
2016-01-13error: Use error_reportf_err() where it makes obvious senseMarkus Armbruster2-6/+2
Done with this Coccinelle semantic patch @@ expression FMT, E, S; expression list ARGS; @@ - error_report(FMT, ARGS, error_get_pretty(E)); + error_reportf_err(E, FMT/*@@@*/, ARGS); ( - error_free(E); | exit(S); | abort(); ) followed by a replace of '%s"/*@@@*/' by '"' and some line rewrapping, because I can't figure out how to make Coccinelle transform strings. We now use the error whole instead of just its message obtained with error_get_pretty(). This avoids suppressing its hint (see commit 50b7b00), but I can't see how the errors touched in this commit could come with hints. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1450452927-8346-12-git-send-email-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2016-01-13error: Don't decorate original error message when adding to itMarkus Armbruster2-2/+2
Prepend the additional information, colon, space to the original message without enclosing it in parenthesis or quotes, like we do elsewhere. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1450452927-8346-11-git-send-email-armbru@redhat.com>
2016-01-13test-throttle: Simplify qemu_init_main_loop() error handlingMarkus Armbruster1-14/+1
The code looks like it tries to check for both qemu_init_main_loop() and qemu_get_aio_context() failure in one conditional. In fact, qemu_get_aio_context() can fail only after qemu_init_main_loop() failed. Simplify accordingly: check for qemu_init_main_loop() error directly, without bothering to improve its error message. Call qemu_get_aio_context() only when qemu_get_aio_context() succeeded. It can't fail then, so no need to check. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1450452927-8346-9-git-send-email-armbru@redhat.com>
2016-01-11libqos/ahci: organize headerJohn Snow1-12/+24
Organize the prototypes into nice little sections. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-10-git-send-email-jsnow@redhat.com
2016-01-11qtest/ahci: ATAPI data testsJohn Snow1-0/+97
Simple I/O tests for DMA and PIO pathways in the AHCI HBA. I believe at this point in time all of the common, major IO pathways in BMDMA and AHCI are covered by qtests now. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-9-git-send-email-jsnow@redhat.com
2016-01-11libqos/ahci: add ahci_execJohn Snow2-0/+93
add ahci_exec, which is a standard purpose flexible command dispatcher and tester for the AHCI device. The intent is to eventually cut down on the absurd amount of boilerplate inside of the AHCI qtest. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-8-git-send-email-jsnow@redhat.com
2016-01-11libqos/ahci: allow nondata commands for ahci_io variantsJohn Snow2-12/+5
These variants try to set a data offset, even if you don't specify one. In the cases where the offset is zero and it's a nondata command, just ignore the instruction. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-7-git-send-email-jsnow@redhat.com
2016-01-11libqos: allow zero-size allocationsJohn Snow3-10/+8
As part of streamlining the AHCI tests interface, it'd be nice if specying a size of zero could be handled without special branches and the allocator could handle this special case gracefully. This lets me use the "ahci_io" macros for non-data commands, too, which moves me forward towards shepherding all AHCI qtests into a common set of commands in a unified pipeline. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-6-git-send-email-jsnow@redhat.com
2016-01-11libqos/ahci: Switch to mutable propertiesJohn Snow1-2/+8
ATAPI commands are, unfortunately, weird in that they can be either DMA or PIO depending on a header bit. In order to accommodate them, I'll need to make AHCI command properties mutable so we can toggle between which "flavor" of ATAPI command we want to test. The default ATAPI transfer mechanism is PIO and the default properties are adjusted accordingly. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-5-git-send-email-jsnow@redhat.com
2016-01-11libqos/ahci: ATAPI identifyJohn Snow3-1/+13
We need to say "hello!" to our ATAPI friends in a slightly different manner. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-4-git-send-email-jsnow@redhat.com
2016-01-11libqos/ahci: ATAPI supportJohn Snow2-4/+89
Add pathways to tolerate ATAPI commands. Notably, unlike ATA, each SCSI command's layout is a little different, so support will have to be patched in for each command as we want to test them in e.g. ahci_command_set_sizes and ahci_command_set_offset. For now, I'm adding support for 0x28, READ (10). [Maintainer edit: replaced type-punning with stl_be_p(). --js] Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-3-git-send-email-jsnow@redhat.com
2016-01-11ahci-test: fix memory leakJohn Snow1-2/+2
Use the proper free command to detroy an AHCICommand. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1452282920-21550-2-git-send-email-jsnow@redhat.com
2016-01-08tests: acpi: print ASL diff in verbose modeIgor Mammedov1-0/+16
print ASL difference if there is any when executing 'make V=1 check'. Use 'DIFF' environment variable to determine which diff utility to use and if it's not set notify user by printing warning that DIFF is not set if run in verbose mode and there is difference in ASL. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-01-07iotests: Add test cases for blockdev-mirrorFam Zheng2-25/+79
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450932306-13717-6-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07qemu-iotests: s390x: fix test 051Bo Tu3-85/+69
Replace the remaining "-drive file..." by "-drive file=...,if=none,id=$device_id", then x86 and s390x can get the common output. "if=ide, if=floppy, if=scsi" are not supported by s390x, so these test cases are not executed for s390x platform. Signed-off-by: Bo Tu <tubo@linux.vnet.ibm.com> Message-id: 1451885360-20236-2-git-send-email-tubo@linux.vnet.ibm.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 095: Filter _img_info outputFam Zheng2-4/+2
Signed-off-by: Fam Zheng <famz@redhat.com> Message-id: 1450752561-9300-12-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 095: Use TEST_IMG override instead of "mv"Fam Zheng2-6/+4
Signed-off-by: Fam Zheng <famz@redhat.com> Message-id: 1450752561-9300-11-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 050: Use TEST_IMG override instead of "mv"Fam Zheng2-4/+9
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-10-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 038: Use TEST_IMG override instead of "mv"Fam Zheng2-2/+5
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-9-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 037: Use TEST_IMG override instead of "mv"Fam Zheng2-2/+5
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-8-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 034: Use TEST_IMG override instead of "mv"Fam Zheng2-2/+6
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-7-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 028: Use TEST_IMG override instead of "mv"Fam Zheng2-2/+5
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-6-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 024: Use TEST_IMG override instead of "mv"Fam Zheng2-4/+10
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-5-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 020: Use TEST_IMG override instead of "mv"Fam Zheng2-3/+6
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-4-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 019: Use TEST_IMG override instead of "mv"Fam Zheng2-8/+9
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-3-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 018: Use TEST_IMG override instead of "mv"Fam Zheng2-5/+5
Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450752561-9300-2-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07qemu-iotests: make check-block.sh work on out-of-tree buildsPaolo Bonzini1-1/+1
Since check-block.sh, the "check" script has learnt to find the source path. On the other hand, it expects common.env to be in the build tree (both changes made in commit 76c7560, "configure: Enable out-of-tree iotests", 2014-05-24). So, it is wrong to invoke "check" from the source path like check-block.sh does. Fix it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1450867341-11100-1-git-send-email-pbonzini@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2016-01-07iotests: 086: Add raw formatFam Zheng1-1/+1
Raw is as qualified as qcow2 for this test case, add it for more coverage. Signed-off-by: Fam Zheng <famz@redhat.com> Message-id: 1450851979-15580-1-git-send-email-famz@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-23Merge remote-tracking branch ↵Peter Maydell2-0/+15
'remotes/berrange/tags/pull-crypto-fixes-2015-12-23-1' into staging Merge misc crypto changes & fixes # gpg: Signature made Wed 23 Dec 2015 11:11:54 GMT using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" * remotes/berrange/tags/pull-crypto-fixes-2015-12-23-1: crypto: fix transposed arguments in cipher error message crypto: ensure qapi/crypto.json is listed in qapi-modules crypto: move QCryptoCipherAlgorithm/Mode enum definitions into QAPI crypto: move QCryptoHashAlgorithm enum definition into QAPI crypto: add ability to query hash digest len crypto: add additional query accessors for cipher instances Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-23Merge remote-tracking branch ↵Peter Maydell1-6/+123
'remotes/berrange/tags/pull-io-fixes-2015-12-23-1' into staging Merge misc I/O channel fixes # gpg: Signature made Wed 23 Dec 2015 10:54:52 GMT using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" * remotes/berrange/tags/pull-io-fixes-2015-12-23-1: io: fix stack allocation when sending of file descriptors io: fix setting of QIO_CHANNEL_FEATURE_FD_PASS on server connections io: bind to loopback IP addrs in test suite Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-23crypto: add ability to query hash digest lenDaniel P. Berrange1-0/+5
Add a qcrypto_hash_digest_len() method which allows querying of the raw digest size for a given hash algorithm. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-23crypto: add additional query accessors for cipher instancesDaniel P. Berrange1-0/+10
Adds new methods to allow querying the length of the cipher key, block size and initialization vectors. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-23io: fix stack allocation when sending of file descriptorsDaniel P. Berrange1-0/+96
When sending file descriptors over a socket, we have to allocate a data buffer to hold the FDs in the scmsghdr. Unfortunately we allocated the buffer on the stack inside an if () {} block, but called sendmsg() outside the block. So the stack bytes holding the FDs were liable to be overwritten with other data. By luck this was not a problem when sending 1 FD, but if sending 2 or more then it would fail. The fix is to simply move the variables outside the nested 'if' block. To keep valgrind quiet we also zero-initialize the 'control' buffer. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-22io: fix setting of QIO_CHANNEL_FEATURE_FD_PASS on server connectionsDaniel P. Berrange1-4/+25
The QIO_CHANNEL_FEATURE_FD_PASS feature flag is set in the qio_channel_socket_set_fd() method, however, this only deals with client side connections. To ensure server side connections also have the feature flag set, we must set it in qio_channel_socket_accept() too. This also highlighted a typo fix where the code updated the sockaddr struct in the wrong object instance. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-22io: bind to loopback IP addrs in test suiteDaniel P. Berrange1-2/+2
The test suite currently binds to 0.0.0.0 or ::, which covers all interfaces of the machine. It is bad practice for test suite to open publically accessible ports on a machine, so switch to use loopback addrs 127.0.0.1 or ::1. Reported-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-22ipmi: Add testsCorey Minyard3-0/+735
Test the KCS interface with a local BMC and a BT interface with an external BMC. Signed-off-by: Corey Minyard <cminyard@mvista.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2015-12-18Merge remote-tracking branch ↵Peter Maydell4-0/+568
'remotes/berrange/tags/pull-qcrypto-secrets-base-2015-12-18-1' into staging Merge QCryptoSecret object support # gpg: Signature made Fri 18 Dec 2015 16:51:21 GMT using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" * remotes/berrange/tags/pull-qcrypto-secrets-base-2015-12-18-1: crypto: add support for loading encrypted x509 keys crypto: add QCryptoSecret object class for password/key handling qga: convert to use error checked base64 decode qemu-char: convert to use error checked base64 decode util: add base64 decoding function Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-18crypto: add QCryptoSecret object class for password/key handlingDaniel P. Berrange3-0/+455
Introduce a new QCryptoSecret object class which will be used for providing passwords and keys to other objects which need sensitive credentials. The new object can provide secret values directly as properties, or indirectly via a file. The latter includes support for file descriptor passing syntax on UNIX platforms. Ordinarily passing secret values directly as properties is insecure, since they are visible in process listings, or in log files showing the CLI args / QMP commands. It is possible to use AES-256-CBC to encrypt the secret values though, in which case all that is visible is the ciphertext. For ad hoc developer testing though, it is fine to provide the secrets directly without encryption so this is not explicitly forbidden. The anticipated scenario is that libvirtd will create a random master key per QEMU instance (eg /var/run/libvirt/qemu/$VMNAME.key) and will use that key to encrypt all passwords it provides to QEMU via '-object secret,....'. This avoids the need for libvirt (or other mgmt apps) to worry about file descriptor passing. It also makes life easier for people who are scripting the management of QEMU, for whom FD passing is significantly more complex. Providing data inline (insecure, only for ad hoc dev testing) $QEMU -object secret,id=sec0,data=letmein Providing data indirectly in raw format printf "letmein" > mypasswd.txt $QEMU -object secret,id=sec0,file=mypasswd.txt Providing data indirectly in base64 format $QEMU -object secret,id=sec0,file=mykey.b64,format=base64 Providing data with encryption $QEMU -object secret,id=master0,file=mykey.b64,format=base64 \ -object secret,id=sec0,data=[base64 ciphertext],\ keyid=master0,iv=[base64 IV],format=base64 Note that 'format' here refers to the format of the ciphertext data. The decrypted data must always be in raw byte format. More examples are shown in the updated docs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18util: add base64 decoding functionDaniel P. Berrange3-0/+113
The standard glib provided g_base64_decode doesn't provide any kind of sensible error checking on its input. Add a QEMU custom wrapper qbase64_decode which can be used with untrustworthy input that can contain invalid base64 characters, embedded NUL characters, or not be NUL terminated at all. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>