const char *domainLibDir)
ATTRIBUTE_NONNULL(15);
+
/* Generate the object properties for a secret */
int qemuBuildSecretInfoProps(qemuDomainSecretInfoPtr secinfo,
virJSONValuePtr *propsret);
+/* Generate the object properties for a tls-creds-x509 */
+int qemuBuildTLSx509BackendProps(const char *tlspath,
+ bool listen,
+ bool verifypeer,
+ virQEMUCapsPtr qemuCaps,
+ virJSONValuePtr *propsret);
+
/* Generate '-device' string for chardev device */
int
qemuBuildChrDeviceStr(char **deviceStr,
virDomainChrDefPtr chr)
{
int ret = -1, rc;
+ virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
qemuDomainObjPrivatePtr priv = vm->privateData;
virErrorPtr orig_err;
virDomainDefPtr vmdef = vm->def;
char *devstr = NULL;
+ virDomainChrSourceDefPtr dev = &chr->source;
char *charAlias = NULL;
bool chardevAttached = false;
+ bool tlsobjAdded = false;
+ virJSONValuePtr tlsProps = NULL;
+ char *tlsAlias = NULL;
bool need_release = false;
if (chr->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_CHANNEL &&
if (qemuDomainChrPreInsert(vmdef, chr) < 0)
goto cleanup;
+ if (cfg->chardevTLS) {
+ if (qemuBuildTLSx509BackendProps(cfg->chardevTLSx509certdir,
+ dev->data.tcp.listen,
+ cfg->chardevTLSx509verify,
+ priv->qemuCaps,
+ &tlsProps) < 0)
+ goto cleanup;
+
+ if (!(tlsAlias = qemuAliasTLSObjFromChardevAlias(chr->info.alias)))
+ goto cleanup;
+ dev->data.tcp.tlscreds = true;
+ }
+
qemuDomainObjEnterMonitor(driver, vm);
+ if (tlsAlias) {
+ rc = qemuMonitorAddObject(priv->mon, "tls-creds-x509",
+ tlsAlias, tlsProps);
+ tlsProps = NULL; /* qemuMonitorAddObject consumes */
+ if (rc < 0)
+ goto exit_monitor;
+ tlsobjAdded = true;
+ }
+
if (qemuMonitorAttachCharDev(priv->mon, charAlias, &chr->source) < 0)
goto exit_monitor;
chardevAttached = true;
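Review bot: The `if (cfg->chardevTLS)` block reads `dev->data.tcp.listen` and sets `dev->data.tcp.tlscreds` without checking that the chardev source is TCP. Because `data` is a union in the chardev source definition, a pty, unix or file chardev hotplugged with chardev TLS enabled would have its source written through the wrong member, and a `tls-creds-x509` object would be created for a backend that never references it. Guard the block on the source type, e.g. `if (dev->type == VIR_DOMAIN_CHR_TYPE_TCP && cfg->chardevTLS) {`. The detach path has the same gap in its `cfg->chardevTLS && !(objAlias = ...)` test; keying that off the found chardev's stored `tlscreds` flag rather than the current config would also stop a config change between attach and detach from leaking the object or failing on a missing one. The function body starts and ends outside this hunk.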
qemuDomainChrInsertPreAllocCleanup(vmdef, chr);
if (ret < 0 && need_release)
qemuDomainReleaseDeviceAddress(vm, &chr->info, NULL);
+ VIR_FREE(tlsAlias);
+ virJSONValueFree(tlsProps);
VIR_FREE(charAlias);
VIR_FREE(devstr);
+ virObjectUnref(cfg);
return ret;
exit_monitor:
orig_err = virSaveLastError();
+ if (tlsobjAdded)
+ ignore_value(qemuMonitorDelObject(priv->mon, tlsAlias));
/* detach associated chardev on error */
if (chardevAttached)
qemuMonitorDetachCharDev(priv->mon, charAlias);
virDomainChrDefPtr chr)
{
int ret = -1;
+ virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
qemuDomainObjPrivatePtr priv = vm->privateData;
virDomainDefPtr vmdef = vm->def;
virDomainChrDefPtr tmpChr;
+ char *objAlias = NULL;
char *devstr = NULL;
if (!(tmpChr = virDomainChrFind(vmdef, chr))) {
virReportError(VIR_ERR_OPERATION_INVALID, "%s",
_("device not present in domain configuration"));
- return ret;
+ goto cleanup;
}
if (!tmpChr->info.alias && qemuAssignDeviceChrAlias(vmdef, tmpChr, -1) < 0)
- return ret;
+ goto cleanup;
sa_assert(tmpChr->info.alias);
+ if (cfg->chardevTLS &&
+ !(objAlias = qemuAliasTLSObjFromChardevAlias(tmpChr->info.alias)))
+ goto cleanup;
+
if (qemuBuildChrDeviceStr(&devstr, vmdef, chr, priv->qemuCaps) < 0)
- return ret;
+ goto cleanup;
qemuDomainMarkDeviceForRemoval(vm, &tmpChr->info);
qemuDomainObjEnterMonitor(driver, vm);
- if (devstr && qemuMonitorDelDevice(priv->mon, tmpChr->info.alias) < 0) {
- ignore_value(qemuDomainObjExitMonitor(driver, vm));
- goto cleanup;
- }
+ if (devstr && qemuMonitorDelDevice(priv->mon, tmpChr->info.alias) < 0)
+ goto exit_monitor;
+
+ if (objAlias && qemuMonitorDelObject(priv->mon, objAlias) < 0)
+ goto exit_monitor;
+
if (qemuDomainObjExitMonitor(driver, vm) < 0)
goto cleanup;
cleanup:
qemuDomainResetDeviceRemoval(vm);
VIR_FREE(devstr);
+ virObjectUnref(cfg);
return ret;
+
+ exit_monitor:
+ ignore_value(qemuDomainObjExitMonitor(driver, vm));
+ goto cleanup;
}
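Review bot: `objAlias` is allocated by `qemuAliasTLSObjFromChardevAlias()`, but the `cleanup:` label shown here only frees `devstr` and drops the `cfg` reference, so the alias string leaks on every detach with chardev TLS enabled. Add `VIR_FREE(objAlias);` next to `VIR_FREE(devstr);`. Separately, once `qemuMonitorDelDevice()` has succeeded, a failing `qemuMonitorDelObject()` jumps to `exit_monitor` and the function reports an error although the device removal was already requested. Either add a comment saying that this is intended, or treat the object removal as best-effort with `ignore_value(...)`, as the attach rollback does.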
virJSONValuePtr data = NULL;
virJSONValuePtr addr = NULL;
const char *backend_type = NULL;
+ char *tlsalias = NULL;
bool telnet;
if (!(backend = virJSONValueNewObject()) ||
virJSONValueObjectAppendBoolean(data, "telnet", telnet) < 0 ||
virJSONValueObjectAppendBoolean(data, "server", chr->data.tcp.listen) < 0)
goto error;
+ if (chr->data.tcp.tlscreds) {
+ if (!(tlsalias = qemuAliasTLSObjFromChardevAlias(chrID)))
+ goto error;
+
+ if (virJSONValueObjectAppendString(data, "tls-creds", tlsalias) < 0)
+ goto error;
+ }
break;
case VIR_DOMAIN_CHR_TYPE_UDP:
return ret;
error:
+ VIR_FREE(tlsalias);
virJSONValueFree(addr);
virJSONValueFree(data);
virJSONValueFree(backend);
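Review bot: `tlsalias` is freed only under the `error:` label, while the success path leaves through `return ret;` just above it. The alias therefore appears to leak on every successful attach of a TCP chardev with TLS credentials, assuming `virJSONValueObjectAppendString()` copies its argument rather than taking ownership (worth confirming). Release it once it has been appended, e.g. `VIR_FREE(tlsalias);` directly after the `"tls-creds"` append succeeds, or immediately before `return ret;`. The code between the `switch` and `return ret;` is not part of the visible hunks, and the function continues past the last line shown.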