xenbits.xensource.com Git - libvirt.git/commit

author	John Ferlan <jferlan@redhat.com>
	Fri, 15 Sep 2017 17:17:59 +0000 (13:17 -0400)
committer	John Ferlan <jferlan@redhat.com>
	Fri, 24 Nov 2017 16:47:26 +0000 (11:47 -0500)
commit	c5c96545c7f84cc6a79314bea1c7fe520e8b6b8d
tree	3d8a63ae926bea9989f2347c0b246defbd94831f	tree
parent	4f44b8b5ae9aab72cbf3018552caf740c92cda09	commit \| diff

qemu: Use secret objects to pass iSCSI passwords

https://bugzilla.redhat.com/show_bug.cgi?id=1425757

The blockdev-add code provides a mechanism to sanely provide user
and password-secret arguments for iscsi without placing them on the
command line to be viewable by a 'ps -ef' type command or needing
to create separate -iscsi devices for each disk/volume found.

So modify the iSCSI command line building to check for the presence
of the capability in order properly setup and use the domain master
secret object to encrypt the password in a secret object and alter
the parameters for the command line to utilize.

Modify the xml2argvtest to exhibit the syntax for both disk and
hostdev configurations.

src/qemu/qemu_command.c		diff \| blob \| blame \| history
src/qemu/qemu_command.h		diff \| blob \| blame \| history
src/qemu/qemu_domain.c		diff \| blob \| blame \| history
src/qemu/qemu_hotplug.c		diff \| blob \| blame \| history
tests/qemuxml2argvdata/qemuxml2argv-disk-hostdev-scsi-virtio-iscsi-auth-AES.args	[new file with mode: 0644]	blob
tests/qemuxml2argvdata/qemuxml2argv-disk-hostdev-scsi-virtio-iscsi-auth-AES.xml	[new file with mode: 0644]	blob
tests/qemuxml2argvtest.c		diff \| blob \| blame \| history