return ret;
}
+
+
+/* qemuDomainGetMasterKeyAlias:
+ *
+ * Generate and return the masterKey alias
+ *
+ * Returns NULL or a string containing the master key alias
+ */
+char *
+qemuDomainGetMasterKeyAlias(void)
+{
+ char *alias;
+
+ ignore_value(VIR_STRDUP(alias, "masterKey0"));
+
+ return alias;
+}
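Review bot: qemuDomainGetMasterKeyAlias declares `char *alias;` without an initializer and discards the VIR_STRDUP result through ignore_value, so the documented NULL return on failure depends on VIR_STRDUP clearing its destination, which is not visible in this hunk. Declaring `char *alias = NULL;` keeps that contract local to the function, which matters because the caller in qemuBuildMasterKeyCommandLine tests the result for NULL and later frees it. The header comment could also say when NULL is returned and who owns the string, for example `Returns the alias (caller frees), or NULL on allocation failure`.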
const char *prefix);
char *qemuAliasFromDisk(const virDomainDiskDef *disk);
+
+char *qemuDomainGetMasterKeyAlias(void);
+
#endif /* __QEMU_ALIAS_H__*/
"preferred",
"interleave");
+/**
+ * qemuBuildHasMasterKey:
+ * @qemuCaps: QEMU binary capabilities
+ *
+ * Return true if this binary supports the secret -object, false otherwise.
+ */
+static bool
+qemuBuildHasMasterKey(virQEMUCapsPtr qemuCaps)
+{
+ return virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_SECRET);
+}
+
+
+/**
+ * qemuBuildMasterKeyCommandLine:
+ * @cmd: the command to modify
+ * @qemuCaps qemu capabilities object
+ * @domainLibDir: location to find the master key
+
+ * Formats the command line for a master key if available
+ *
+ * Returns 0 on success, -1 w/ error message on failure
+ */
+static int
+qemuBuildMasterKeyCommandLine(virCommandPtr cmd,
+ virQEMUCapsPtr qemuCaps,
+ const char *domainLibDir)
+{
+ int ret = -1;
+ char *alias = NULL;
+ char *path = NULL;
+
+ /* If the -object secret does not exist, then just return. This just
+ * means the domain won't be able to use a secret master key and is
+ * not a failure.
+ */
+ if (!qemuBuildHasMasterKey(qemuCaps)) {
+ VIR_INFO("secret object is not supported by this QEMU binary");
+ return 0;
+ }
+
+ if (!(alias = qemuDomainGetMasterKeyAlias()))
+ return -1;
+
+ /* Get the path. NB, the mocked test will not have the created
+ * file so we cannot check for existence, which is no different
+ * than other command line options which do not check for the
+ * existence of socket files before using.
+ */
+ if (!(path = qemuDomainGetMasterKeyFilePath(domainLibDir)))
+ goto cleanup;
+
+ virCommandAddArg(cmd, "-object");
+ virCommandAddArgFormat(cmd, "secret,id=%s,format=raw,file=%s",
+ alias, path);
+
+ ret = 0;
+
+ cleanup:
+ VIR_FREE(alias);
+ VIR_FREE(path);
+ return ret;
+}
+
+
/**
* qemuVirCommandGetFDSet:
* @cmd: the command to modify
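Review bot: In qemuBuildMasterKeyCommandLine, `path` is formatted into the `-object secret,...,file=%s` argument without escaping, and QEMU splits that argument on commas. Judging by the test arguments later in this commit, the directory appears to be derived from the domain name, so a name containing a comma would presumably truncate the key path or append further properties to the secret object. I would double any comma in the path before formatting it (QEMU reads `,,` as a literal comma), using the tree's comma-escaping buffer helper if it has one, and add a test case whose domain name contains a comma. Separately, the doc comment has `@qemuCaps qemu capabilities object` without its colon and one line that drops the ` *` gutter.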
if (!standalone)
virCommandAddArg(cmd, "-S"); /* freeze CPU */
+ if (qemuBuildMasterKeyCommandLine(cmd, qemuCaps, domainLibDir) < 0)
+ goto error;
+
if (enableFips)
virCommandAddArg(cmd, "-enable-fips");
--- /dev/null
+LC_ALL=C \
+PATH=/bin \
+HOME=/home/test \
+USER=test \
+LOGNAME=test \
+QEMU_AUDIO_DRV=none \
+/usr/bin/qemu \
+-name QEMUGuest1 \
+-S \
+-object secret,id=masterKey0,format=raw,\
+file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
+-M pc \
+-m 214 \
+-smp 2 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-nographic \
+-nodefaults \
+-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \
+-no-acpi \
+-boot c \
+-usb \
+-drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \
+-device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0
--- /dev/null
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219136</memory>
+ <currentMemory unit='KiB'>219136</currentMemory>
+ <vcpu placement='static'>2</vcpu>
+ <os>
+ <type arch='i686' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu</emulator>
+ <disk type='block' device='disk'>
+ <driver name='qemu' type='raw'/>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='hda' bus='ide'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='usb' index='0'/>
+ <controller type='ide' index='0'/>
+ <controller type='pci' index='0' model='pci-root'/>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <memballoon model='none'/>
+ </devices>
+</domain>
DO_TEST("debug-threads", QEMU_CAPS_NAME_DEBUG_THREADS);
+ DO_TEST("master-key", QEMU_CAPS_OBJECT_SECRET);
+
qemuTestDriverFree(&driver);
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;